privateca

package
Version: v0.0.0-...-508584e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 24, 2022 License: Apache-2.0 Imports: 14 Imported by: 12

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	RevocationReason_name = map[int32]string{
		0: "REVOCATION_REASON_UNSPECIFIED",
		1: "KEY_COMPROMISE",
		2: "CERTIFICATE_AUTHORITY_COMPROMISE",
		3: "AFFILIATION_CHANGED",
		4: "SUPERSEDED",
		5: "CESSATION_OF_OPERATION",
		6: "CERTIFICATE_HOLD",
		7: "PRIVILEGE_WITHDRAWN",
		8: "ATTRIBUTE_AUTHORITY_COMPROMISE",
	}
	RevocationReason_value = map[string]int32{
		"REVOCATION_REASON_UNSPECIFIED":    0,
		"KEY_COMPROMISE":                   1,
		"CERTIFICATE_AUTHORITY_COMPROMISE": 2,
		"AFFILIATION_CHANGED":              3,
		"SUPERSEDED":                       4,
		"CESSATION_OF_OPERATION":           5,
		"CERTIFICATE_HOLD":                 6,
		"PRIVILEGE_WITHDRAWN":              7,
		"ATTRIBUTE_AUTHORITY_COMPROMISE":   8,
	}
)

Enum value maps for RevocationReason.

View Source
var (
	SubjectRequestMode_name = map[int32]string{
		0: "SUBJECT_REQUEST_MODE_UNSPECIFIED",
		1: "DEFAULT",
		2: "REFLECTED_SPIFFE",
	}
	SubjectRequestMode_value = map[string]int32{
		"SUBJECT_REQUEST_MODE_UNSPECIFIED": 0,
		"DEFAULT":                          1,
		"REFLECTED_SPIFFE":                 2,
	}
)

Enum value maps for SubjectRequestMode.

View Source
var (
	CertificateAuthority_Type_name = map[int32]string{
		0: "TYPE_UNSPECIFIED",
		1: "SELF_SIGNED",
		2: "SUBORDINATE",
	}
	CertificateAuthority_Type_value = map[string]int32{
		"TYPE_UNSPECIFIED": 0,
		"SELF_SIGNED":      1,
		"SUBORDINATE":      2,
	}
)

Enum value maps for CertificateAuthority_Type.

View Source
var (
	CertificateAuthority_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ENABLED",
		2: "DISABLED",
		3: "STAGED",
		4: "AWAITING_USER_ACTIVATION",
		5: "DELETED",
	}
	CertificateAuthority_State_value = map[string]int32{
		"STATE_UNSPECIFIED":        0,
		"ENABLED":                  1,
		"DISABLED":                 2,
		"STAGED":                   3,
		"AWAITING_USER_ACTIVATION": 4,
		"DELETED":                  5,
	}
)

Enum value maps for CertificateAuthority_State.

View Source
var (
	CertificateAuthority_SignHashAlgorithm_name = map[int32]string{
		0: "SIGN_HASH_ALGORITHM_UNSPECIFIED",
		1: "RSA_PSS_2048_SHA256",
		2: "RSA_PSS_3072_SHA256",
		3: "RSA_PSS_4096_SHA256",
		6: "RSA_PKCS1_2048_SHA256",
		7: "RSA_PKCS1_3072_SHA256",
		8: "RSA_PKCS1_4096_SHA256",
		4: "EC_P256_SHA256",
		5: "EC_P384_SHA384",
	}
	CertificateAuthority_SignHashAlgorithm_value = map[string]int32{
		"SIGN_HASH_ALGORITHM_UNSPECIFIED": 0,
		"RSA_PSS_2048_SHA256":             1,
		"RSA_PSS_3072_SHA256":             2,
		"RSA_PSS_4096_SHA256":             3,
		"RSA_PKCS1_2048_SHA256":           6,
		"RSA_PKCS1_3072_SHA256":           7,
		"RSA_PKCS1_4096_SHA256":           8,
		"EC_P256_SHA256":                  4,
		"EC_P384_SHA384":                  5,
	}
)

Enum value maps for CertificateAuthority_SignHashAlgorithm.

View Source
var (
	CaPool_Tier_name = map[int32]string{
		0: "TIER_UNSPECIFIED",
		1: "ENTERPRISE",
		2: "DEVOPS",
	}
	CaPool_Tier_value = map[string]int32{
		"TIER_UNSPECIFIED": 0,
		"ENTERPRISE":       1,
		"DEVOPS":           2,
	}
)

Enum value maps for CaPool_Tier.

View Source
var (
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_name = map[int32]string{
		0: "EC_SIGNATURE_ALGORITHM_UNSPECIFIED",
		1: "ECDSA_P256",
		2: "ECDSA_P384",
		3: "EDDSA_25519",
	}
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_value = map[string]int32{
		"EC_SIGNATURE_ALGORITHM_UNSPECIFIED": 0,
		"ECDSA_P256":                         1,
		"ECDSA_P384":                         2,
		"EDDSA_25519":                        3,
	}
)

Enum value maps for CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm.

View Source
var (
	CertificateRevocationList_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ACTIVE",
		2: "SUPERSEDED",
	}
	CertificateRevocationList_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"ACTIVE":            1,
		"SUPERSEDED":        2,
	}
)

Enum value maps for CertificateRevocationList_State.

View Source
var (
	PublicKey_KeyFormat_name = map[int32]string{
		0: "KEY_FORMAT_UNSPECIFIED",
		1: "PEM",
	}
	PublicKey_KeyFormat_value = map[string]int32{
		"KEY_FORMAT_UNSPECIFIED": 0,
		"PEM":                    1,
	}
)

Enum value maps for PublicKey_KeyFormat.

View Source
var (
	CertificateExtensionConstraints_KnownCertificateExtension_name = map[int32]string{
		0: "KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED",
		1: "BASE_KEY_USAGE",
		2: "EXTENDED_KEY_USAGE",
		3: "CA_OPTIONS",
		4: "POLICY_IDS",
		5: "AIA_OCSP_SERVERS",
	}
	CertificateExtensionConstraints_KnownCertificateExtension_value = map[string]int32{
		"KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED": 0,
		"BASE_KEY_USAGE":     1,
		"EXTENDED_KEY_USAGE": 2,
		"CA_OPTIONS":         3,
		"POLICY_IDS":         4,
		"AIA_OCSP_SERVERS":   5,
	}
)

Enum value maps for CertificateExtensionConstraints_KnownCertificateExtension.

View Source
var File_google_cloud_security_privateca_v1_resources_proto protoreflect.FileDescriptor
View Source
var File_google_cloud_security_privateca_v1_service_proto protoreflect.FileDescriptor

Functions

func RegisterCertificateAuthorityServiceServer

func RegisterCertificateAuthorityServiceServer(s *grpc.Server, srv CertificateAuthorityServiceServer)

Types

type ActivateCertificateAuthorityRequest

type ActivateCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the
	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The signed CA certificate issued from
	// [FetchCertificateAuthorityCsrResponse.pem_csr][google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse.pem_csr].
	PemCaCertificate string `protobuf:"bytes,2,opt,name=pem_ca_certificate,json=pemCaCertificate,proto3" json:"pem_ca_certificate,omitempty"`
	// Required. Must include information about the issuer of 'pem_ca_certificate', and any
	// further issuers until the self-signed CA.
	SubordinateConfig *SubordinateConfig `protobuf:"bytes,3,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].

func (*ActivateCertificateAuthorityRequest) Descriptor deprecated

func (*ActivateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use ActivateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*ActivateCertificateAuthorityRequest) GetName

func (*ActivateCertificateAuthorityRequest) GetPemCaCertificate

func (x *ActivateCertificateAuthorityRequest) GetPemCaCertificate() string

func (*ActivateCertificateAuthorityRequest) GetRequestId

func (x *ActivateCertificateAuthorityRequest) GetRequestId() string

func (*ActivateCertificateAuthorityRequest) GetSubordinateConfig

func (x *ActivateCertificateAuthorityRequest) GetSubordinateConfig() *SubordinateConfig

func (*ActivateCertificateAuthorityRequest) ProtoMessage

func (*ActivateCertificateAuthorityRequest) ProtoMessage()

func (*ActivateCertificateAuthorityRequest) ProtoReflect

func (*ActivateCertificateAuthorityRequest) Reset

func (*ActivateCertificateAuthorityRequest) String

type CaPool

type CaPool struct {

	// Output only. The resource name for this [CaPool][google.cloud.security.privateca.v1.CaPool] in the
	// format `projects/*/locations/*/caPools/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. Immutable. The [Tier][google.cloud.security.privateca.v1.CaPool.Tier] of this [CaPool][google.cloud.security.privateca.v1.CaPool].
	Tier CaPool_Tier `protobuf:"varint,2,opt,name=tier,proto3,enum=google.cloud.security.privateca.v1.CaPool_Tier" json:"tier,omitempty"`
	// Optional. The [IssuancePolicy][google.cloud.security.privateca.v1.CaPool.IssuancePolicy] to control how [Certificates][google.cloud.security.privateca.v1.Certificate]
	// will be issued from this [CaPool][google.cloud.security.privateca.v1.CaPool].
	IssuancePolicy *CaPool_IssuancePolicy `protobuf:"bytes,3,opt,name=issuance_policy,json=issuancePolicy,proto3" json:"issuance_policy,omitempty"`
	// Optional. The [PublishingOptions][google.cloud.security.privateca.v1.CaPool.PublishingOptions] to follow when issuing
	// [Certificates][google.cloud.security.privateca.v1.Certificate] from any [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in this
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	PublishingOptions *CaPool_PublishingOptions `protobuf:"bytes,4,opt,name=publishing_options,json=publishingOptions,proto3" json:"publishing_options,omitempty"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `` /* 153-byte string literal not displayed */
	// contains filtered or unexported fields
}

A [CaPool][google.cloud.security.privateca.v1.CaPool] represents a group of [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority] that form a trust anchor. A [CaPool][google.cloud.security.privateca.v1.CaPool] can be used to manage issuance policies for one or more [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resources and to rotate CA certificates in and out of the trust anchor.

func (*CaPool) Descriptor deprecated

func (*CaPool) Descriptor() ([]byte, []int)

Deprecated: Use CaPool.ProtoReflect.Descriptor instead.

func (*CaPool) GetIssuancePolicy

func (x *CaPool) GetIssuancePolicy() *CaPool_IssuancePolicy

func (*CaPool) GetLabels

func (x *CaPool) GetLabels() map[string]string

func (*CaPool) GetName

func (x *CaPool) GetName() string

func (*CaPool) GetPublishingOptions

func (x *CaPool) GetPublishingOptions() *CaPool_PublishingOptions

func (*CaPool) GetTier

func (x *CaPool) GetTier() CaPool_Tier

func (*CaPool) ProtoMessage

func (*CaPool) ProtoMessage()

func (*CaPool) ProtoReflect

func (x *CaPool) ProtoReflect() protoreflect.Message

func (*CaPool) Reset

func (x *CaPool) Reset()

func (*CaPool) String

func (x *CaPool) String() string

type CaPool_IssuancePolicy

type CaPool_IssuancePolicy struct {

	// Optional. If any [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType] is specified, then the certificate request's
	// public key must match one of the key types listed here. Otherwise,
	// any key may be used.
	AllowedKeyTypes []*CaPool_IssuancePolicy_AllowedKeyType `protobuf:"bytes,1,rep,name=allowed_key_types,json=allowedKeyTypes,proto3" json:"allowed_key_types,omitempty"`
	// Optional. The maximum lifetime allowed for issued [Certificates][google.cloud.security.privateca.v1.Certificate]. Note
	// that if the issuing [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] expires before a
	// [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested maximum_lifetime, the effective lifetime will
	// be explicitly truncated to match it.
	MaximumLifetime *durationpb.Duration `protobuf:"bytes,2,opt,name=maximum_lifetime,json=maximumLifetime,proto3" json:"maximum_lifetime,omitempty"`
	// Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes] may be
	// used to issue [Certificates][google.cloud.security.privateca.v1.Certificate].
	AllowedIssuanceModes *CaPool_IssuancePolicy_IssuanceModes `protobuf:"bytes,3,opt,name=allowed_issuance_modes,json=allowedIssuanceModes,proto3" json:"allowed_issuance_modes,omitempty"`
	// Optional. A set of X.509 values that will be applied to all certificates issued
	// through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a certificate request includes conflicting
	// values for the same properties, they will be overwritten by the values
	// defined here. If a certificate request uses a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// that defines conflicting
	// [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values] for the same
	// properties, the certificate issuance request will fail.
	BaselineValues *X509Parameters `protobuf:"bytes,4,opt,name=baseline_values,json=baselineValues,proto3" json:"baseline_values,omitempty"`
	// Optional. Describes constraints on identities that may appear in
	// [Certificates][google.cloud.security.privateca.v1.Certificate] issued through this [CaPool][google.cloud.security.privateca.v1.CaPool].
	// If this is omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool] will not add restrictions on a
	// certificate's identity.
	IdentityConstraints *CertificateIdentityConstraints `protobuf:"bytes,5,opt,name=identity_constraints,json=identityConstraints,proto3" json:"identity_constraints,omitempty"`
	// Optional. Describes the set of X.509 extensions that may appear in a
	// [Certificate][google.cloud.security.privateca.v1.Certificate] issued through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a certificate request
	// sets extensions that don't appear in the [passthrough_extensions][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.passthrough_extensions],
	// those extensions will be dropped. If a certificate request uses a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] with
	// [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values] that don't
	// appear here, the certificate issuance request will fail. If this is
	// omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool] will not add restrictions on a
	// certificate's X.509 extensions. These constraints do not apply to X.509
	// extensions set in this [CaPool][google.cloud.security.privateca.v1.CaPool]'s [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values].
	PassthroughExtensions *CertificateExtensionConstraints `protobuf:"bytes,6,opt,name=passthrough_extensions,json=passthroughExtensions,proto3" json:"passthrough_extensions,omitempty"`
	// contains filtered or unexported fields
}

Defines controls over all certificate issuance within a [CaPool][google.cloud.security.privateca.v1.CaPool].

func (*CaPool_IssuancePolicy) Descriptor deprecated

func (*CaPool_IssuancePolicy) Descriptor() ([]byte, []int)

Deprecated: Use CaPool_IssuancePolicy.ProtoReflect.Descriptor instead.

func (*CaPool_IssuancePolicy) GetAllowedIssuanceModes

func (x *CaPool_IssuancePolicy) GetAllowedIssuanceModes() *CaPool_IssuancePolicy_IssuanceModes

func (*CaPool_IssuancePolicy) GetAllowedKeyTypes

func (*CaPool_IssuancePolicy) GetBaselineValues

func (x *CaPool_IssuancePolicy) GetBaselineValues() *X509Parameters

func (*CaPool_IssuancePolicy) GetIdentityConstraints

func (x *CaPool_IssuancePolicy) GetIdentityConstraints() *CertificateIdentityConstraints

func (*CaPool_IssuancePolicy) GetMaximumLifetime

func (x *CaPool_IssuancePolicy) GetMaximumLifetime() *durationpb.Duration

func (*CaPool_IssuancePolicy) GetPassthroughExtensions

func (x *CaPool_IssuancePolicy) GetPassthroughExtensions() *CertificateExtensionConstraints

func (*CaPool_IssuancePolicy) ProtoMessage

func (*CaPool_IssuancePolicy) ProtoMessage()

func (*CaPool_IssuancePolicy) ProtoReflect

func (x *CaPool_IssuancePolicy) ProtoReflect() protoreflect.Message

func (*CaPool_IssuancePolicy) Reset

func (x *CaPool_IssuancePolicy) Reset()

func (*CaPool_IssuancePolicy) String

func (x *CaPool_IssuancePolicy) String() string

type CaPool_IssuancePolicy_AllowedKeyType

type CaPool_IssuancePolicy_AllowedKeyType struct {

	// Types that are assignable to KeyType:
	//	*CaPool_IssuancePolicy_AllowedKeyType_Rsa
	//	*CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve
	KeyType isCaPool_IssuancePolicy_AllowedKeyType_KeyType `protobuf_oneof:"key_type"`
	// contains filtered or unexported fields
}

Describes a "type" of key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool]. Note that a single [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType] may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

func (*CaPool_IssuancePolicy_AllowedKeyType) Descriptor deprecated

func (*CaPool_IssuancePolicy_AllowedKeyType) Descriptor() ([]byte, []int)

Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType.ProtoReflect.Descriptor instead.

func (*CaPool_IssuancePolicy_AllowedKeyType) GetEllipticCurve

func (*CaPool_IssuancePolicy_AllowedKeyType) GetKeyType

func (m *CaPool_IssuancePolicy_AllowedKeyType) GetKeyType() isCaPool_IssuancePolicy_AllowedKeyType_KeyType

func (*CaPool_IssuancePolicy_AllowedKeyType) GetRsa

func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoMessage

func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoMessage()

func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoReflect

func (*CaPool_IssuancePolicy_AllowedKeyType) Reset

func (*CaPool_IssuancePolicy_AllowedKeyType) String

type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType

type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType struct {

	// Optional. A signature algorithm that must be used. If this is omitted, any
	// EC-based signature algorithm will be allowed.
	SignatureAlgorithm CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm `` /* 224-byte string literal not displayed */
	// contains filtered or unexported fields
}

Describes an Elliptic Curve key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Descriptor deprecated

Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType_EcKeyType.ProtoReflect.Descriptor instead.

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) GetSignatureAlgorithm

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoMessage

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoReflect

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Reset

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) String

type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm

type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm int32

Describes an elliptic curve-based signature algorithm that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].

const (
	// Not specified. Signifies that any signature algorithm may be used.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EC_SIGNATURE_ALGORITHM_UNSPECIFIED CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 0
	// Refers to the Elliptic Curve Digital Signature Algorithm over the
	// NIST P-256 curve.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P256 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 1
	// Refers to the Elliptic Curve Digital Signature Algorithm over the
	// NIST P-384 curve.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P384 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 2
	// Refers to the Edwards-curve Digital Signature Algorithm over curve
	// 25519, as described in RFC 8410.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EDDSA_25519 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 3
)

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Descriptor

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Enum

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) EnumDescriptor deprecated

Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm.Descriptor instead.

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Number

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) String

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Type

type CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve

type CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve struct {
	// Represents an allowed Elliptic Curve key type.
	EllipticCurve *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType `protobuf:"bytes,2,opt,name=elliptic_curve,json=ellipticCurve,proto3,oneof"`
}

type CaPool_IssuancePolicy_AllowedKeyType_Rsa

type CaPool_IssuancePolicy_AllowedKeyType_Rsa struct {
	// Represents an allowed RSA key type.
	Rsa *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType `protobuf:"bytes,1,opt,name=rsa,proto3,oneof"`
}

type CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType

type CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType struct {

	// Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is
	// not set, or if set to zero, the service-level min RSA modulus size
	// will continue to apply.
	MinModulusSize int64 `protobuf:"varint,1,opt,name=min_modulus_size,json=minModulusSize,proto3" json:"min_modulus_size,omitempty"`
	// Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is
	// not set, or if set to zero, the service will not enforce an explicit
	// upper bound on RSA modulus sizes.
	MaxModulusSize int64 `protobuf:"varint,2,opt,name=max_modulus_size,json=maxModulusSize,proto3" json:"max_modulus_size,omitempty"`
	// contains filtered or unexported fields
}

Describes an RSA key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Descriptor deprecated

Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType.ProtoReflect.Descriptor instead.

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMaxModulusSize

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMinModulusSize

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoMessage

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoReflect

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Reset

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) String

type CaPool_IssuancePolicy_IssuanceModes

type CaPool_IssuancePolicy_IssuanceModes struct {

	// Optional. When true, allows callers to create [Certificates][google.cloud.security.privateca.v1.Certificate] by
	// specifying a CSR.
	AllowCsrBasedIssuance bool `` /* 129-byte string literal not displayed */
	// Optional. When true, allows callers to create [Certificates][google.cloud.security.privateca.v1.Certificate] by
	// specifying a [CertificateConfig][google.cloud.security.privateca.v1.CertificateConfig].
	AllowConfigBasedIssuance bool `` /* 138-byte string literal not displayed */
	// contains filtered or unexported fields
}

[IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes] specifies the allowed ways in which [Certificates][google.cloud.security.privateca.v1.Certificate] may be requested from this [CaPool][google.cloud.security.privateca.v1.CaPool].

func (*CaPool_IssuancePolicy_IssuanceModes) Descriptor deprecated

func (*CaPool_IssuancePolicy_IssuanceModes) Descriptor() ([]byte, []int)

Deprecated: Use CaPool_IssuancePolicy_IssuanceModes.ProtoReflect.Descriptor instead.

func (*CaPool_IssuancePolicy_IssuanceModes) GetAllowConfigBasedIssuance

func (x *CaPool_IssuancePolicy_IssuanceModes) GetAllowConfigBasedIssuance() bool

func (*CaPool_IssuancePolicy_IssuanceModes) GetAllowCsrBasedIssuance

func (x *CaPool_IssuancePolicy_IssuanceModes) GetAllowCsrBasedIssuance() bool

func (*CaPool_IssuancePolicy_IssuanceModes) ProtoMessage

func (*CaPool_IssuancePolicy_IssuanceModes) ProtoMessage()

func (*CaPool_IssuancePolicy_IssuanceModes) ProtoReflect

func (*CaPool_IssuancePolicy_IssuanceModes) Reset

func (*CaPool_IssuancePolicy_IssuanceModes) String

type CaPool_PublishingOptions

type CaPool_PublishingOptions struct {

	// Optional. When true, publishes each [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate and
	// includes its URL in the "Authority Information Access" X.509 extension
	// in all issued [Certificates][google.cloud.security.privateca.v1.Certificate]. If this is false, the CA
	// certificate will not be published and the corresponding X.509 extension
	// will not be written in issued certificates.
	PublishCaCert bool `protobuf:"varint,1,opt,name=publish_ca_cert,json=publishCaCert,proto3" json:"publish_ca_cert,omitempty"`
	// Optional. When true, publishes each [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CRL and includes its
	// URL in the "CRL Distribution Points" X.509 extension in all issued
	// [Certificates][google.cloud.security.privateca.v1.Certificate]. If this is false, CRLs will not be published
	// and the corresponding X.509 extension will not be written in issued
	// certificates.
	// CRLs will expire 7 days from their creation. However, we will rebuild
	// daily. CRLs are also rebuilt shortly after a certificate is revoked.
	PublishCrl bool `protobuf:"varint,2,opt,name=publish_crl,json=publishCrl,proto3" json:"publish_crl,omitempty"`
	// contains filtered or unexported fields
}

Options relating to the publication of each [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate and CRLs and their inclusion as extensions in issued [Certificates][google.cloud.security.privateca.v1.Certificate]. The options set here apply to certificates issued by any [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the [CaPool][google.cloud.security.privateca.v1.CaPool].

func (*CaPool_PublishingOptions) Descriptor deprecated

func (*CaPool_PublishingOptions) Descriptor() ([]byte, []int)

Deprecated: Use CaPool_PublishingOptions.ProtoReflect.Descriptor instead.

func (*CaPool_PublishingOptions) GetPublishCaCert

func (x *CaPool_PublishingOptions) GetPublishCaCert() bool

func (*CaPool_PublishingOptions) GetPublishCrl

func (x *CaPool_PublishingOptions) GetPublishCrl() bool

func (*CaPool_PublishingOptions) ProtoMessage

func (*CaPool_PublishingOptions) ProtoMessage()

func (*CaPool_PublishingOptions) ProtoReflect

func (x *CaPool_PublishingOptions) ProtoReflect() protoreflect.Message

func (*CaPool_PublishingOptions) Reset

func (x *CaPool_PublishingOptions) Reset()

func (*CaPool_PublishingOptions) String

func (x *CaPool_PublishingOptions) String() string

type CaPool_Tier

type CaPool_Tier int32

The tier of a [CaPool][google.cloud.security.privateca.v1.CaPool], indicating its supported functionality and/or billing SKU.

const (
	// Not specified.
	CaPool_TIER_UNSPECIFIED CaPool_Tier = 0
	// Enterprise tier.
	CaPool_ENTERPRISE CaPool_Tier = 1
	// DevOps tier.
	CaPool_DEVOPS CaPool_Tier = 2
)

func (CaPool_Tier) Descriptor

func (CaPool_Tier) Enum

func (x CaPool_Tier) Enum() *CaPool_Tier

func (CaPool_Tier) EnumDescriptor deprecated

func (CaPool_Tier) EnumDescriptor() ([]byte, []int)

Deprecated: Use CaPool_Tier.Descriptor instead.

func (CaPool_Tier) Number

func (x CaPool_Tier) Number() protoreflect.EnumNumber

func (CaPool_Tier) String

func (x CaPool_Tier) String() string

func (CaPool_Tier) Type

type Certificate

type Certificate struct {

	// Output only. The resource name for this [Certificate][google.cloud.security.privateca.v1.Certificate] in the format
	// `projects/*/locations/*/caPools/*/certificates/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The config used to create a signed X.509 certificate.
	//
	// Types that are assignable to CertificateConfig:
	//	*Certificate_PemCsr
	//	*Certificate_Config
	CertificateConfig isCertificate_CertificateConfig `protobuf_oneof:"certificate_config"`
	// Output only. The resource name of the issuing [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the format
	// `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	IssuerCertificateAuthority string `` /* 141-byte string literal not displayed */
	// Required. Immutable. The desired lifetime of a certificate. Used to create the
	// "not_before_time" and "not_after_time" fields inside an X.509
	// certificate. Note that the lifetime may be truncated if it would extend
	// past the life of any certificate authority in the issuing chain.
	Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// Immutable. The resource name for a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] used to issue this
	// certificate, in the format
	// `projects/*/locations/*/certificateTemplates/*`.
	// If this is specified, the caller must have the necessary permission to
	// use this template. If this is omitted, no template will be used.
	// This template must be in the same location as the [Certificate][google.cloud.security.privateca.v1.Certificate].
	CertificateTemplate string `protobuf:"bytes,6,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
	// Immutable. Specifies how the [Certificate][google.cloud.security.privateca.v1.Certificate]'s identity fields are to be decided.
	// If this is omitted, the `DEFAULT` subject mode will be used.
	SubjectMode SubjectRequestMode `` /* 154-byte string literal not displayed */
	// Output only. Details regarding the revocation of this [Certificate][google.cloud.security.privateca.v1.Certificate]. This
	// [Certificate][google.cloud.security.privateca.v1.Certificate] is considered revoked if and only if this field is present.
	RevocationDetails *Certificate_RevocationDetails `protobuf:"bytes,8,opt,name=revocation_details,json=revocationDetails,proto3" json:"revocation_details,omitempty"`
	// Output only. The pem-encoded, signed X.509 certificate.
	PemCertificate string `protobuf:"bytes,9,opt,name=pem_certificate,json=pemCertificate,proto3" json:"pem_certificate,omitempty"`
	// Output only. A structured description of the issued X.509 certificate.
	CertificateDescription *CertificateDescription `` /* 128-byte string literal not displayed */
	// Output only. The chain that may be used to verify the X.509 certificate. Expected to be
	// in issuer-to-root order according to RFC 5246.
	PemCertificateChain []string `protobuf:"bytes,11,rep,name=pem_certificate_chain,json=pemCertificateChain,proto3" json:"pem_certificate_chain,omitempty"`
	// Output only. The time at which this [Certificate][google.cloud.security.privateca.v1.Certificate] was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,12,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// Output only. The time at which this [Certificate][google.cloud.security.privateca.v1.Certificate] was updated.
	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `` /* 154-byte string literal not displayed */
	// contains filtered or unexported fields
}

A [Certificate][google.cloud.security.privateca.v1.Certificate] corresponds to a signed X.509 certificate issued by a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].

func (*Certificate) Descriptor deprecated

func (*Certificate) Descriptor() ([]byte, []int)

Deprecated: Use Certificate.ProtoReflect.Descriptor instead.

func (*Certificate) GetCertificateConfig

func (m *Certificate) GetCertificateConfig() isCertificate_CertificateConfig

func (*Certificate) GetCertificateDescription

func (x *Certificate) GetCertificateDescription() *CertificateDescription

func (*Certificate) GetCertificateTemplate

func (x *Certificate) GetCertificateTemplate() string

func (*Certificate) GetConfig

func (x *Certificate) GetConfig() *CertificateConfig

func (*Certificate) GetCreateTime

func (x *Certificate) GetCreateTime() *timestamppb.Timestamp

func (*Certificate) GetIssuerCertificateAuthority

func (x *Certificate) GetIssuerCertificateAuthority() string

func (*Certificate) GetLabels

func (x *Certificate) GetLabels() map[string]string

func (*Certificate) GetLifetime

func (x *Certificate) GetLifetime() *durationpb.Duration

func (*Certificate) GetName

func (x *Certificate) GetName() string

func (*Certificate) GetPemCertificate

func (x *Certificate) GetPemCertificate() string

func (*Certificate) GetPemCertificateChain

func (x *Certificate) GetPemCertificateChain() []string

func (*Certificate) GetPemCsr

func (x *Certificate) GetPemCsr() string

func (*Certificate) GetRevocationDetails

func (x *Certificate) GetRevocationDetails() *Certificate_RevocationDetails

func (*Certificate) GetSubjectMode

func (x *Certificate) GetSubjectMode() SubjectRequestMode

func (*Certificate) GetUpdateTime

func (x *Certificate) GetUpdateTime() *timestamppb.Timestamp

func (*Certificate) ProtoMessage

func (*Certificate) ProtoMessage()

func (*Certificate) ProtoReflect

func (x *Certificate) ProtoReflect() protoreflect.Message

func (*Certificate) Reset

func (x *Certificate) Reset()

func (*Certificate) String

func (x *Certificate) String() string

type CertificateAuthority

type CertificateAuthority struct {

	// Output only. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the
	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. Immutable. The [Type][google.cloud.security.privateca.v1.CertificateAuthority.Type] of this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	Type CertificateAuthority_Type `` /* 128-byte string literal not displayed */
	// Required. Immutable. The config used to create a self-signed X.509 certificate or CSR.
	Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"`
	// Required. Immutable. The desired lifetime of the CA certificate. Used to create the
	// "not_before_time" and "not_after_time" fields inside an X.509
	// certificate.
	Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// Required. Immutable. Used when issuing certificates for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]. If this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] is a self-signed CertificateAuthority, this key
	// is also used to sign the self-signed CA certificate. Otherwise, it
	// is used to sign a CSR.
	KeySpec *CertificateAuthority_KeyVersionSpec `protobuf:"bytes,5,opt,name=key_spec,json=keySpec,proto3" json:"key_spec,omitempty"`
	// Optional. If this is a subordinate [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], this field will be set
	// with the subordinate configuration, which describes its issuers. This may
	// be updated, but this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] must continue to validate.
	SubordinateConfig *SubordinateConfig `protobuf:"bytes,6,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
	// Output only. The [CaPool.Tier][google.cloud.security.privateca.v1.CaPool.Tier] of the [CaPool][google.cloud.security.privateca.v1.CaPool] that includes this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	Tier CaPool_Tier `protobuf:"varint,7,opt,name=tier,proto3,enum=google.cloud.security.privateca.v1.CaPool_Tier" json:"tier,omitempty"`
	// Output only. The [State][google.cloud.security.privateca.v1.CertificateAuthority.State] for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	State CertificateAuthority_State `` /* 131-byte string literal not displayed */
	// Output only. This [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s certificate chain, including the current
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s certificate. Ordered such that the root issuer
	// is the final element (consistent with RFC 5246). For a self-signed CA, this
	// will only list the current [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s certificate.
	PemCaCertificates []string `protobuf:"bytes,9,rep,name=pem_ca_certificates,json=pemCaCertificates,proto3" json:"pem_ca_certificates,omitempty"`
	// Output only. A structured description of this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate
	// and its issuers. Ordered as self-to-root.
	CaCertificateDescriptions []*CertificateDescription `` /* 139-byte string literal not displayed */
	// Immutable. The name of a Cloud Storage bucket where this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will
	// publish content, such as the CA certificate and CRLs. This must be a bucket
	// name, without any prefixes (such as `gs://`) or suffixes (such as
	// `.googleapis.com`). For example, to use a bucket named `my-bucket`, you
	// would simply specify `my-bucket`. If not specified, a managed bucket will
	// be created.
	GcsBucket string `protobuf:"bytes,11,opt,name=gcs_bucket,json=gcsBucket,proto3" json:"gcs_bucket,omitempty"`
	// Output only. URLs for accessing content published by this CA, such as the CA certificate
	// and CRLs.
	AccessUrls *CertificateAuthority_AccessUrls `protobuf:"bytes,12,opt,name=access_urls,json=accessUrls,proto3" json:"access_urls,omitempty"`
	// Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] was last updated.
	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
	// Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] was soft deleted, if
	// it is in the [DELETED][google.cloud.security.privateca.v1.CertificateAuthority.State.DELETED] state.
	DeleteTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`
	// Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will be permanently purged,
	// if it is in the [DELETED][google.cloud.security.privateca.v1.CertificateAuthority.State.DELETED] state.
	ExpireTime *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `` /* 154-byte string literal not displayed */
	// contains filtered or unexported fields
}

A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1.Certificate].

func (*CertificateAuthority) Descriptor deprecated

func (*CertificateAuthority) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority.ProtoReflect.Descriptor instead.

func (*CertificateAuthority) GetAccessUrls

func (*CertificateAuthority) GetCaCertificateDescriptions

func (x *CertificateAuthority) GetCaCertificateDescriptions() []*CertificateDescription

func (*CertificateAuthority) GetConfig

func (x *CertificateAuthority) GetConfig() *CertificateConfig

func (*CertificateAuthority) GetCreateTime

func (x *CertificateAuthority) GetCreateTime() *timestamppb.Timestamp

func (*CertificateAuthority) GetDeleteTime

func (x *CertificateAuthority) GetDeleteTime() *timestamppb.Timestamp

func (*CertificateAuthority) GetExpireTime

func (x *CertificateAuthority) GetExpireTime() *timestamppb.Timestamp

func (*CertificateAuthority) GetGcsBucket

func (x *CertificateAuthority) GetGcsBucket() string

func (*CertificateAuthority) GetKeySpec

func (*CertificateAuthority) GetLabels

func (x *CertificateAuthority) GetLabels() map[string]string

func (*CertificateAuthority) GetLifetime

func (x *CertificateAuthority) GetLifetime() *durationpb.Duration

func (*CertificateAuthority) GetName

func (x *CertificateAuthority) GetName() string

func (*CertificateAuthority) GetPemCaCertificates

func (x *CertificateAuthority) GetPemCaCertificates() []string

func (*CertificateAuthority) GetState

func (*CertificateAuthority) GetSubordinateConfig

func (x *CertificateAuthority) GetSubordinateConfig() *SubordinateConfig

func (*CertificateAuthority) GetTier

func (x *CertificateAuthority) GetTier() CaPool_Tier

func (*CertificateAuthority) GetType

func (*CertificateAuthority) GetUpdateTime

func (x *CertificateAuthority) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateAuthority) ProtoMessage

func (*CertificateAuthority) ProtoMessage()

func (*CertificateAuthority) ProtoReflect

func (x *CertificateAuthority) ProtoReflect() protoreflect.Message

func (*CertificateAuthority) Reset

func (x *CertificateAuthority) Reset()

func (*CertificateAuthority) String

func (x *CertificateAuthority) String() string

type CertificateAuthorityServiceClient

type CertificateAuthorityServiceClient interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1.Certificate] in a given Project, Location from a particular
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCertificate(ctx context.Context, in *CreateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
	GetCertificate(ctx context.Context, in *GetCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
	ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
	RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1.Certificate]. Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
	UpdateCertificate(ctx context.Context, in *UpdateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Activate a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE]. After
	// the parent Certificate Authority signs a certificate signing request from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
	// process.
	ActivateCertificateAuthority(ctx context.Context, in *ActivateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Create a new [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in a given Project and Location.
	CreateCertificateAuthority(ctx context.Context, in *CreateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Disable a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DisableCertificateAuthority(ctx context.Context, in *DisableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Enable a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	EnableCertificateAuthority(ctx context.Context, in *EnableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE]. The
	// CSR must then be signed by the desired parent Certificate Authority, which
	// could be another [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resource, or could be an on-prem
	// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(ctx context.Context, in *FetchCertificateAuthorityCsrRequest, opts ...grpc.CallOption) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	GetCertificateAuthority(ctx context.Context, in *GetCertificateAuthorityRequest, opts ...grpc.CallOption) (*CertificateAuthority, error)
	// Lists [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
	ListCertificateAuthorities(ctx context.Context, in *ListCertificateAuthoritiesRequest, opts ...grpc.CallOption) (*ListCertificateAuthoritiesResponse, error)
	// Undelete a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that has been deleted.
	UndeleteCertificateAuthority(ctx context.Context, in *UndeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Delete a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DeleteCertificateAuthority(ctx context.Context, in *DeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Update a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	UpdateCertificateAuthority(ctx context.Context, in *UpdateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCaPool(ctx context.Context, in *CreateCaPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
	UpdateCaPool(ctx context.Context, in *UpdateCaPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
	GetCaPool(ctx context.Context, in *GetCaPoolRequest, opts ...grpc.CallOption) (*CaPool, error)
	// Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
	ListCaPools(ctx context.Context, in *ListCaPoolsRequest, opts ...grpc.CallOption) (*ListCaPoolsResponse, error)
	// Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
	DeleteCaPool(ctx context.Context, in *DeleteCaPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// FetchCaCerts returns the current trust anchor for the [CaPool][google.cloud.security.privateca.v1.CaPool]. This will
	// include CA certificate chains for all ACTIVE [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
	FetchCaCerts(ctx context.Context, in *FetchCaCertsRequest, opts ...grpc.CallOption) (*FetchCaCertsResponse, error)
	// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	GetCertificateRevocationList(ctx context.Context, in *GetCertificateRevocationListRequest, opts ...grpc.CallOption) (*CertificateRevocationList, error)
	// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
	ListCertificateRevocationLists(ctx context.Context, in *ListCertificateRevocationListsRequest, opts ...grpc.CallOption) (*ListCertificateRevocationListsResponse, error)
	// Update a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	UpdateCertificateRevocationList(ctx context.Context, in *UpdateCertificateRevocationListRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Create a new [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] in a given Project and Location.
	CreateCertificateTemplate(ctx context.Context, in *CreateCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// DeleteCertificateTemplate deletes a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	DeleteCertificateTemplate(ctx context.Context, in *DeleteCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Returns a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	GetCertificateTemplate(ctx context.Context, in *GetCertificateTemplateRequest, opts ...grpc.CallOption) (*CertificateTemplate, error)
	// Lists [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
	ListCertificateTemplates(ctx context.Context, in *ListCertificateTemplatesRequest, opts ...grpc.CallOption) (*ListCertificateTemplatesResponse, error)
	// Update a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	UpdateCertificateTemplate(ctx context.Context, in *UpdateCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
}

CertificateAuthorityServiceClient is the client API for CertificateAuthorityService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

type CertificateAuthorityServiceServer

type CertificateAuthorityServiceServer interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1.Certificate] in a given Project, Location from a particular
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
	GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
	ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
	RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1.Certificate]. Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
	UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
	// Activate a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE]. After
	// the parent Certificate Authority signs a certificate signing request from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
	// process.
	ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Create a new [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in a given Project and Location.
	CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Disable a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Enable a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE]. The
	// CSR must then be signed by the desired parent Certificate Authority, which
	// could be another [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resource, or could be an on-prem
	// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
	// Lists [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
	ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
	// Undelete a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that has been deleted.
	UndeleteCertificateAuthority(context.Context, *UndeleteCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Delete a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DeleteCertificateAuthority(context.Context, *DeleteCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Update a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCaPool(context.Context, *CreateCaPoolRequest) (*longrunning.Operation, error)
	// Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
	UpdateCaPool(context.Context, *UpdateCaPoolRequest) (*longrunning.Operation, error)
	// Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
	GetCaPool(context.Context, *GetCaPoolRequest) (*CaPool, error)
	// Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
	ListCaPools(context.Context, *ListCaPoolsRequest) (*ListCaPoolsResponse, error)
	// Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
	DeleteCaPool(context.Context, *DeleteCaPoolRequest) (*longrunning.Operation, error)
	// FetchCaCerts returns the current trust anchor for the [CaPool][google.cloud.security.privateca.v1.CaPool]. This will
	// include CA certificate chains for all ACTIVE [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
	FetchCaCerts(context.Context, *FetchCaCertsRequest) (*FetchCaCertsResponse, error)
	// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
	// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
	ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
	// Update a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunning.Operation, error)
	// Create a new [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] in a given Project and Location.
	CreateCertificateTemplate(context.Context, *CreateCertificateTemplateRequest) (*longrunning.Operation, error)
	// DeleteCertificateTemplate deletes a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	DeleteCertificateTemplate(context.Context, *DeleteCertificateTemplateRequest) (*longrunning.Operation, error)
	// Returns a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	GetCertificateTemplate(context.Context, *GetCertificateTemplateRequest) (*CertificateTemplate, error)
	// Lists [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
	ListCertificateTemplates(context.Context, *ListCertificateTemplatesRequest) (*ListCertificateTemplatesResponse, error)
	// Update a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	UpdateCertificateTemplate(context.Context, *UpdateCertificateTemplateRequest) (*longrunning.Operation, error)
}

CertificateAuthorityServiceServer is the server API for CertificateAuthorityService service.

type CertificateAuthority_AccessUrls

type CertificateAuthority_AccessUrls struct {

	// The URL where this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate is
	// published. This will only be set for CAs that have been activated.
	CaCertificateAccessUrl string `` /* 131-byte string literal not displayed */
	// The URLs where this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CRLs are published. This
	// will only be set for CAs that have been activated.
	CrlAccessUrls []string `protobuf:"bytes,2,rep,name=crl_access_urls,json=crlAccessUrls,proto3" json:"crl_access_urls,omitempty"`
	// contains filtered or unexported fields
}

URLs where a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will publish content.

func (*CertificateAuthority_AccessUrls) Descriptor deprecated

func (*CertificateAuthority_AccessUrls) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_AccessUrls.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl

func (x *CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl() string

func (*CertificateAuthority_AccessUrls) GetCrlAccessUrls

func (x *CertificateAuthority_AccessUrls) GetCrlAccessUrls() []string

func (*CertificateAuthority_AccessUrls) ProtoMessage

func (*CertificateAuthority_AccessUrls) ProtoMessage()

func (*CertificateAuthority_AccessUrls) ProtoReflect

func (*CertificateAuthority_AccessUrls) Reset

func (*CertificateAuthority_AccessUrls) String

type CertificateAuthority_KeyVersionSpec

type CertificateAuthority_KeyVersionSpec struct {

	// Types that are assignable to KeyVersion:
	//	*CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
	//	*CertificateAuthority_KeyVersionSpec_Algorithm
	KeyVersion isCertificateAuthority_KeyVersionSpec_KeyVersion `protobuf_oneof:"KeyVersion"`
	// contains filtered or unexported fields
}

A Cloud KMS key configuration that a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will use.

func (*CertificateAuthority_KeyVersionSpec) Descriptor deprecated

func (*CertificateAuthority_KeyVersionSpec) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_KeyVersionSpec.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_KeyVersionSpec) GetAlgorithm

func (*CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion

func (x *CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion() string

func (*CertificateAuthority_KeyVersionSpec) GetKeyVersion

func (m *CertificateAuthority_KeyVersionSpec) GetKeyVersion() isCertificateAuthority_KeyVersionSpec_KeyVersion

func (*CertificateAuthority_KeyVersionSpec) ProtoMessage

func (*CertificateAuthority_KeyVersionSpec) ProtoMessage()

func (*CertificateAuthority_KeyVersionSpec) ProtoReflect

func (*CertificateAuthority_KeyVersionSpec) Reset

func (*CertificateAuthority_KeyVersionSpec) String

type CertificateAuthority_KeyVersionSpec_Algorithm

type CertificateAuthority_KeyVersionSpec_Algorithm struct {
	// The algorithm to use for creating a managed Cloud KMS key for a for a
	// simplified experience. All managed keys will be have their
	// [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] as `HSM`.
	Algorithm CertificateAuthority_SignHashAlgorithm `` /* 130-byte string literal not displayed */
}

type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion

type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion struct {
	// The resource name for an existing Cloud KMS CryptoKeyVersion in the
	// format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
	// This option enables full flexibility in the key's capabilities and
	// properties.
	CloudKmsKeyVersion string `protobuf:"bytes,1,opt,name=cloud_kms_key_version,json=cloudKmsKeyVersion,proto3,oneof"`
}

type CertificateAuthority_SignHashAlgorithm

type CertificateAuthority_SignHashAlgorithm int32

The algorithm of a Cloud KMS CryptoKeyVersion of a [CryptoKey][google.cloud.kms.v1.CryptoKey] with the [CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value `ASYMMETRIC_SIGN`. These values correspond to the [CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] values. For RSA signing algorithms, the PSS algorithms should be preferred, use PKCS1 algorithms if required for compatibility. For further recommendations, see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.

const (
	// Not specified.
	CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED CertificateAuthority_SignHashAlgorithm = 0
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
	CertificateAuthority_RSA_PSS_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 1
	// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
	CertificateAuthority_RSA_PSS_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 2
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
	CertificateAuthority_RSA_PSS_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 3
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
	CertificateAuthority_RSA_PKCS1_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 6
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
	CertificateAuthority_RSA_PKCS1_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 7
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
	CertificateAuthority_RSA_PKCS1_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 8
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
	CertificateAuthority_EC_P256_SHA256 CertificateAuthority_SignHashAlgorithm = 4
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
	CertificateAuthority_EC_P384_SHA384 CertificateAuthority_SignHashAlgorithm = 5
)

func (CertificateAuthority_SignHashAlgorithm) Descriptor

func (CertificateAuthority_SignHashAlgorithm) Enum

func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor deprecated

func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_SignHashAlgorithm.Descriptor instead.

func (CertificateAuthority_SignHashAlgorithm) Number

func (CertificateAuthority_SignHashAlgorithm) String

func (CertificateAuthority_SignHashAlgorithm) Type

type CertificateAuthority_State

type CertificateAuthority_State int32

The state of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating if it can be used.

const (
	// Not specified.
	CertificateAuthority_STATE_UNSPECIFIED CertificateAuthority_State = 0
	// Certificates can be issued from this CA. CRLs will be generated for this
	// CA. The CA will be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and will be
	// used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_ENABLED CertificateAuthority_State = 1
	// Certificates cannot be issued from this CA. CRLs will still be generated.
	// The CA will be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but will not be
	// used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_DISABLED CertificateAuthority_State = 2
	// Certificates can be issued from this CA. CRLs will be generated for this
	// CA. The CA will be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but will not
	// be used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_STAGED CertificateAuthority_State = 3
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	// The CA will not be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and will not be
	// used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_AWAITING_USER_ACTIVATION CertificateAuthority_State = 4
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	// The CA may still be recovered by calling
	// [CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority] before
	// [expire_time][google.cloud.security.privateca.v1.CertificateAuthority.expire_time].
	// The CA will not be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and will not be
	// used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_DELETED CertificateAuthority_State = 5
)

func (CertificateAuthority_State) Descriptor

func (CertificateAuthority_State) Enum

func (CertificateAuthority_State) EnumDescriptor deprecated

func (CertificateAuthority_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_State.Descriptor instead.

func (CertificateAuthority_State) Number

func (CertificateAuthority_State) String

func (CertificateAuthority_State) Type

type CertificateAuthority_Type

type CertificateAuthority_Type int32

The type of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating its issuing chain.

const (
	// Not specified.
	CertificateAuthority_TYPE_UNSPECIFIED CertificateAuthority_Type = 0
	// Self-signed CA.
	CertificateAuthority_SELF_SIGNED CertificateAuthority_Type = 1
	// Subordinate CA. Could be issued by a Private CA [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// or an unmanaged CA.
	CertificateAuthority_SUBORDINATE CertificateAuthority_Type = 2
)

func (CertificateAuthority_Type) Descriptor

func (CertificateAuthority_Type) Enum

func (CertificateAuthority_Type) EnumDescriptor deprecated

func (CertificateAuthority_Type) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_Type.Descriptor instead.

func (CertificateAuthority_Type) Number

func (CertificateAuthority_Type) String

func (x CertificateAuthority_Type) String() string

func (CertificateAuthority_Type) Type

type CertificateConfig

type CertificateConfig struct {

	// Required. Specifies some of the values in a certificate that are related to the
	// subject.
	SubjectConfig *CertificateConfig_SubjectConfig `protobuf:"bytes,1,opt,name=subject_config,json=subjectConfig,proto3" json:"subject_config,omitempty"`
	// Required. Describes how some of the technical X.509 fields in a certificate should be
	// populated.
	X509Config *X509Parameters `protobuf:"bytes,2,opt,name=x509_config,json=x509Config,proto3" json:"x509_config,omitempty"`
	// Optional. The public key that corresponds to this config. This is, for example, used
	// when issuing [Certificates][google.cloud.security.privateca.v1.Certificate], but not when creating a
	// self-signed [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] or [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] CSR.
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// contains filtered or unexported fields
}

A [CertificateConfig][google.cloud.security.privateca.v1.CertificateConfig] describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

func (*CertificateConfig) Descriptor deprecated

func (*CertificateConfig) Descriptor() ([]byte, []int)

Deprecated: Use CertificateConfig.ProtoReflect.Descriptor instead.

func (*CertificateConfig) GetPublicKey

func (x *CertificateConfig) GetPublicKey() *PublicKey

func (*CertificateConfig) GetSubjectConfig

func (x *CertificateConfig) GetSubjectConfig() *CertificateConfig_SubjectConfig

func (*CertificateConfig) GetX509Config

func (x *CertificateConfig) GetX509Config() *X509Parameters

func (*CertificateConfig) ProtoMessage

func (*CertificateConfig) ProtoMessage()

func (*CertificateConfig) ProtoReflect

func (x *CertificateConfig) ProtoReflect() protoreflect.Message

func (*CertificateConfig) Reset

func (x *CertificateConfig) Reset()

func (*CertificateConfig) String

func (x *CertificateConfig) String() string

type CertificateConfig_SubjectConfig

type CertificateConfig_SubjectConfig struct {

	// Required. Contains distinguished name fields such as the common name, location and
	// organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// Optional. The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,2,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// contains filtered or unexported fields
}

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

func (*CertificateConfig_SubjectConfig) Descriptor deprecated

func (*CertificateConfig_SubjectConfig) Descriptor() ([]byte, []int)

Deprecated: Use CertificateConfig_SubjectConfig.ProtoReflect.Descriptor instead.

func (*CertificateConfig_SubjectConfig) GetSubject

func (x *CertificateConfig_SubjectConfig) GetSubject() *Subject

func (*CertificateConfig_SubjectConfig) GetSubjectAltName

func (x *CertificateConfig_SubjectConfig) GetSubjectAltName() *SubjectAltNames

func (*CertificateConfig_SubjectConfig) ProtoMessage

func (*CertificateConfig_SubjectConfig) ProtoMessage()

func (*CertificateConfig_SubjectConfig) ProtoReflect

func (*CertificateConfig_SubjectConfig) Reset

func (*CertificateConfig_SubjectConfig) String

type CertificateDescription

type CertificateDescription struct {

	// Describes some of the values in a certificate that are related to the
	// subject and lifetime.
	SubjectDescription *CertificateDescription_SubjectDescription `protobuf:"bytes,1,opt,name=subject_description,json=subjectDescription,proto3" json:"subject_description,omitempty"`
	// Describes some of the technical X.509 fields in a certificate.
	X509Description *X509Parameters `protobuf:"bytes,2,opt,name=x509_description,json=x509Description,proto3" json:"x509_description,omitempty"`
	// The public key that corresponds to an issued certificate.
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// Provides a means of identifiying certificates that contain a particular
	// public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
	SubjectKeyId *CertificateDescription_KeyId `protobuf:"bytes,4,opt,name=subject_key_id,json=subjectKeyId,proto3" json:"subject_key_id,omitempty"`
	// Identifies the subject_key_id of the parent certificate, per
	// https://tools.ietf.org/html/rfc5280#section-4.2.1.1
	AuthorityKeyId *CertificateDescription_KeyId `protobuf:"bytes,5,opt,name=authority_key_id,json=authorityKeyId,proto3" json:"authority_key_id,omitempty"`
	// Describes a list of locations to obtain CRL information, i.e.
	// the DistributionPoint.fullName described by
	// https://tools.ietf.org/html/rfc5280#section-4.2.1.13
	CrlDistributionPoints []string `` /* 126-byte string literal not displayed */
	// Describes lists of issuer CA certificate URLs that appear in the
	// "Authority Information Access" extension in the certificate.
	AiaIssuingCertificateUrls []string `` /* 140-byte string literal not displayed */
	// The hash of the x.509 certificate.
	CertFingerprint *CertificateDescription_CertificateFingerprint `protobuf:"bytes,8,opt,name=cert_fingerprint,json=certFingerprint,proto3" json:"cert_fingerprint,omitempty"`
	// contains filtered or unexported fields
}

A [CertificateDescription][google.cloud.security.privateca.v1.CertificateDescription] describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

func (*CertificateDescription) Descriptor deprecated

func (*CertificateDescription) Descriptor() ([]byte, []int)

Deprecated: Use CertificateDescription.ProtoReflect.Descriptor instead.

func (*CertificateDescription) GetAiaIssuingCertificateUrls

func (x *CertificateDescription) GetAiaIssuingCertificateUrls() []string

func (*CertificateDescription) GetAuthorityKeyId

func (x *CertificateDescription) GetAuthorityKeyId() *CertificateDescription_KeyId

func (*CertificateDescription) GetCertFingerprint

func (*CertificateDescription) GetCrlDistributionPoints

func (x *CertificateDescription) GetCrlDistributionPoints() []string

func (*CertificateDescription) GetPublicKey

func (x *CertificateDescription) GetPublicKey() *PublicKey

func (*CertificateDescription) GetSubjectDescription

func (*CertificateDescription) GetSubjectKeyId

func (*CertificateDescription) GetX509Description

func (x *CertificateDescription) GetX509Description() *X509Parameters

func (*CertificateDescription) ProtoMessage

func (*CertificateDescription) ProtoMessage()

func (*CertificateDescription) ProtoReflect

func (x *CertificateDescription) ProtoReflect() protoreflect.Message

func (*CertificateDescription) Reset

func (x *CertificateDescription) Reset()

func (*CertificateDescription) String

func (x *CertificateDescription) String() string

type CertificateDescription_CertificateFingerprint

type CertificateDescription_CertificateFingerprint struct {

	// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
	Sha256Hash string `protobuf:"bytes,1,opt,name=sha256_hash,json=sha256Hash,proto3" json:"sha256_hash,omitempty"`
	// contains filtered or unexported fields
}

A group of fingerprints for the x509 certificate.

func (*CertificateDescription_CertificateFingerprint) Descriptor deprecated

Deprecated: Use CertificateDescription_CertificateFingerprint.ProtoReflect.Descriptor instead.

func (*CertificateDescription_CertificateFingerprint) GetSha256Hash

func (*CertificateDescription_CertificateFingerprint) ProtoMessage

func (*CertificateDescription_CertificateFingerprint) ProtoReflect

func (*CertificateDescription_CertificateFingerprint) Reset

func (*CertificateDescription_CertificateFingerprint) String

type CertificateDescription_KeyId

type CertificateDescription_KeyId struct {

	// Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
	// likely the 160 bit SHA-1 hash of the public key.
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// contains filtered or unexported fields
}

A KeyId identifies a specific public key, usually by hashing the public key.

func (*CertificateDescription_KeyId) Descriptor deprecated

func (*CertificateDescription_KeyId) Descriptor() ([]byte, []int)

Deprecated: Use CertificateDescription_KeyId.ProtoReflect.Descriptor instead.

func (*CertificateDescription_KeyId) GetKeyId

func (x *CertificateDescription_KeyId) GetKeyId() string

func (*CertificateDescription_KeyId) ProtoMessage

func (*CertificateDescription_KeyId) ProtoMessage()

func (*CertificateDescription_KeyId) ProtoReflect

func (*CertificateDescription_KeyId) Reset

func (x *CertificateDescription_KeyId) Reset()

func (*CertificateDescription_KeyId) String

type CertificateDescription_SubjectDescription

type CertificateDescription_SubjectDescription struct {

	// Contains distinguished name fields such as the common name, location and
	// / organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,2,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// The serial number encoded in lowercase hexadecimal.
	HexSerialNumber string `protobuf:"bytes,3,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
	// For convenience, the actual lifetime of an issued certificate.
	Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// The time at which the certificate becomes valid.
	NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`
	// The time after which the certificate is expired.
	// Per RFC 5280, the validity period for a certificate is the period of time
	// from not_before_time through not_after_time, inclusive.
	// Corresponds to 'not_before_time' + 'lifetime' - 1 second.
	NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`
	// contains filtered or unexported fields
}

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

func (*CertificateDescription_SubjectDescription) Descriptor deprecated

func (*CertificateDescription_SubjectDescription) Descriptor() ([]byte, []int)

Deprecated: Use CertificateDescription_SubjectDescription.ProtoReflect.Descriptor instead.

func (*CertificateDescription_SubjectDescription) GetHexSerialNumber

func (x *CertificateDescription_SubjectDescription) GetHexSerialNumber() string

func (*CertificateDescription_SubjectDescription) GetLifetime

func (*CertificateDescription_SubjectDescription) GetNotAfterTime

func (*CertificateDescription_SubjectDescription) GetNotBeforeTime

func (*CertificateDescription_SubjectDescription) GetSubject

func (*CertificateDescription_SubjectDescription) GetSubjectAltName

func (*CertificateDescription_SubjectDescription) ProtoMessage

func (*CertificateDescription_SubjectDescription) ProtoReflect

func (*CertificateDescription_SubjectDescription) Reset

func (*CertificateDescription_SubjectDescription) String

type CertificateExtensionConstraints

type CertificateExtensionConstraints struct {

	// Optional. A set of named X.509 extensions. Will be combined with
	// [additional_extensions][google.cloud.security.privateca.v1.CertificateExtensionConstraints.additional_extensions] to determine the full set of X.509 extensions.
	KnownExtensions []CertificateExtensionConstraints_KnownCertificateExtension `` /* 212-byte string literal not displayed */
	// Optional. A set of [ObjectIds][google.cloud.security.privateca.v1.ObjectId] identifying custom X.509 extensions.
	// Will be combined with [known_extensions][google.cloud.security.privateca.v1.CertificateExtensionConstraints.known_extensions] to determine the full set of
	// X.509 extensions.
	AdditionalExtensions []*ObjectId `protobuf:"bytes,2,rep,name=additional_extensions,json=additionalExtensions,proto3" json:"additional_extensions,omitempty"`
	// contains filtered or unexported fields
}

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

func (*CertificateExtensionConstraints) Descriptor deprecated

func (*CertificateExtensionConstraints) Descriptor() ([]byte, []int)

Deprecated: Use CertificateExtensionConstraints.ProtoReflect.Descriptor instead.

func (*CertificateExtensionConstraints) GetAdditionalExtensions

func (x *CertificateExtensionConstraints) GetAdditionalExtensions() []*ObjectId

func (*CertificateExtensionConstraints) GetKnownExtensions

func (*CertificateExtensionConstraints) ProtoMessage

func (*CertificateExtensionConstraints) ProtoMessage()

func (*CertificateExtensionConstraints) ProtoReflect

func (*CertificateExtensionConstraints) Reset

func (*CertificateExtensionConstraints) String

type CertificateExtensionConstraints_KnownCertificateExtension

type CertificateExtensionConstraints_KnownCertificateExtension int32

Describes well-known X.509 extensions that can appear in a [Certificate][google.cloud.security.privateca.v1.Certificate], not including the [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] extension.

const (
	// Not specified.
	CertificateExtensionConstraints_KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED CertificateExtensionConstraints_KnownCertificateExtension = 0
	// Refers to a certificate's Key Usage extension, as described in [RFC 5280
	// section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3).
	// This corresponds to the [KeyUsage.base_key_usage][google.cloud.security.privateca.v1.KeyUsage.base_key_usage] field.
	CertificateExtensionConstraints_BASE_KEY_USAGE CertificateExtensionConstraints_KnownCertificateExtension = 1
	// Refers to a certificate's Extended Key Usage extension, as described in
	// [RFC 5280
	// section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12).
	// This corresponds to the [KeyUsage.extended_key_usage][google.cloud.security.privateca.v1.KeyUsage.extended_key_usage] message.
	CertificateExtensionConstraints_EXTENDED_KEY_USAGE CertificateExtensionConstraints_KnownCertificateExtension = 2
	// Refers to a certificate's Basic Constraints extension, as described in
	// [RFC 5280
	// section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9).
	// This corresponds to the [X509Parameters.ca_options][google.cloud.security.privateca.v1.X509Parameters.ca_options] field.
	CertificateExtensionConstraints_CA_OPTIONS CertificateExtensionConstraints_KnownCertificateExtension = 3
	// Refers to a certificate's Policy object identifiers, as described in
	// [RFC 5280
	// section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4).
	// This corresponds to the [X509Parameters.policy_ids][google.cloud.security.privateca.v1.X509Parameters.policy_ids] field.
	CertificateExtensionConstraints_POLICY_IDS CertificateExtensionConstraints_KnownCertificateExtension = 4
	// Refers to OCSP servers in a certificate's Authority Information Access
	// extension, as described in
	// [RFC 5280
	// section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1),
	// This corresponds to the [X509Parameters.aia_ocsp_servers][google.cloud.security.privateca.v1.X509Parameters.aia_ocsp_servers] field.
	CertificateExtensionConstraints_AIA_OCSP_SERVERS CertificateExtensionConstraints_KnownCertificateExtension = 5
)

func (CertificateExtensionConstraints_KnownCertificateExtension) Descriptor

func (CertificateExtensionConstraints_KnownCertificateExtension) Enum

func (CertificateExtensionConstraints_KnownCertificateExtension) EnumDescriptor deprecated

Deprecated: Use CertificateExtensionConstraints_KnownCertificateExtension.Descriptor instead.

func (CertificateExtensionConstraints_KnownCertificateExtension) Number

func (CertificateExtensionConstraints_KnownCertificateExtension) String

func (CertificateExtensionConstraints_KnownCertificateExtension) Type

type CertificateIdentityConstraints

type CertificateIdentityConstraints struct {

	// Optional. A CEL expression that may be used to validate the resolved X.509 Subject
	// and/or Subject Alternative Name before a certificate is signed.
	// To see the full allowed syntax and some examples, see
	// https://cloud.google.com/certificate-authority-service/docs/using-cel
	CelExpression *expr.Expr `protobuf:"bytes,1,opt,name=cel_expression,json=celExpression,proto3" json:"cel_expression,omitempty"`
	// Required. If this is true, the [Subject][google.cloud.security.privateca.v1.Subject] field may be copied from a certificate
	// request into the signed certificate. Otherwise, the requested [Subject][google.cloud.security.privateca.v1.Subject]
	// will be discarded.
	AllowSubjectPassthrough *bool `` /* 139-byte string literal not displayed */
	// Required. If this is true, the [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] extension may be copied from a
	// certificate request into the signed certificate. Otherwise, the requested
	// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be discarded.
	AllowSubjectAltNamesPassthrough *bool `` /* 167-byte string literal not displayed */
	// contains filtered or unexported fields
}

Describes constraints on a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames].

func (*CertificateIdentityConstraints) Descriptor deprecated

func (*CertificateIdentityConstraints) Descriptor() ([]byte, []int)

Deprecated: Use CertificateIdentityConstraints.ProtoReflect.Descriptor instead.

func (*CertificateIdentityConstraints) GetAllowSubjectAltNamesPassthrough

func (x *CertificateIdentityConstraints) GetAllowSubjectAltNamesPassthrough() bool

func (*CertificateIdentityConstraints) GetAllowSubjectPassthrough

func (x *CertificateIdentityConstraints) GetAllowSubjectPassthrough() bool

func (*CertificateIdentityConstraints) GetCelExpression

func (x *CertificateIdentityConstraints) GetCelExpression() *expr.Expr

func (*CertificateIdentityConstraints) ProtoMessage

func (*CertificateIdentityConstraints) ProtoMessage()

func (*CertificateIdentityConstraints) ProtoReflect

func (*CertificateIdentityConstraints) Reset

func (x *CertificateIdentityConstraints) Reset()

func (*CertificateIdentityConstraints) String

type CertificateRevocationList

type CertificateRevocationList struct {

	// Output only. The resource name for this [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] in
	// the format
	// `projects/*/locations/*/caPools/*certificateAuthorities/*/
	//    certificateRevocationLists/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The CRL sequence number that appears in pem_crl.
	SequenceNumber int64 `protobuf:"varint,2,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`
	// Output only. The revoked serial numbers that appear in pem_crl.
	RevokedCertificates []*CertificateRevocationList_RevokedCertificate `protobuf:"bytes,3,rep,name=revoked_certificates,json=revokedCertificates,proto3" json:"revoked_certificates,omitempty"`
	// Output only. The PEM-encoded X.509 CRL.
	PemCrl string `protobuf:"bytes,4,opt,name=pem_crl,json=pemCrl,proto3" json:"pem_crl,omitempty"`
	// Output only. The location where 'pem_crl' can be accessed.
	AccessUrl string `protobuf:"bytes,5,opt,name=access_url,json=accessUrl,proto3" json:"access_url,omitempty"`
	// Output only. The [State][google.cloud.security.privateca.v1.CertificateRevocationList.State] for this [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	State CertificateRevocationList_State `` /* 136-byte string literal not displayed */
	// Output only. The time at which this [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// Output only. The time at which this [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] was updated.
	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
	// Output only. The revision ID of this [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]. A new revision is
	// committed whenever a new CRL is published. The format is an 8-character
	// hexadecimal string.
	RevisionId string `protobuf:"bytes,9,opt,name=revision_id,json=revisionId,proto3" json:"revision_id,omitempty"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `` /* 154-byte string literal not displayed */
	// contains filtered or unexported fields
}

A [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.

func (*CertificateRevocationList) Descriptor deprecated

func (*CertificateRevocationList) Descriptor() ([]byte, []int)

Deprecated: Use CertificateRevocationList.ProtoReflect.Descriptor instead.

func (*CertificateRevocationList) GetAccessUrl

func (x *CertificateRevocationList) GetAccessUrl() string

func (*CertificateRevocationList) GetCreateTime

func (x *CertificateRevocationList) GetCreateTime() *timestamppb.Timestamp

func (*CertificateRevocationList) GetLabels

func (x *CertificateRevocationList) GetLabels() map[string]string

func (*CertificateRevocationList) GetName

func (x *CertificateRevocationList) GetName() string

func (*CertificateRevocationList) GetPemCrl

func (x *CertificateRevocationList) GetPemCrl() string

func (*CertificateRevocationList) GetRevisionId

func (x *CertificateRevocationList) GetRevisionId() string

func (*CertificateRevocationList) GetRevokedCertificates

func (*CertificateRevocationList) GetSequenceNumber

func (x *CertificateRevocationList) GetSequenceNumber() int64

func (*CertificateRevocationList) GetState

func (*CertificateRevocationList) GetUpdateTime

func (x *CertificateRevocationList) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateRevocationList) ProtoMessage

func (*CertificateRevocationList) ProtoMessage()

func (*CertificateRevocationList) ProtoReflect

func (*CertificateRevocationList) Reset

func (x *CertificateRevocationList) Reset()

func (*CertificateRevocationList) String

func (x *CertificateRevocationList) String() string

type CertificateRevocationList_RevokedCertificate

type CertificateRevocationList_RevokedCertificate struct {

	// The resource name for the [Certificate][google.cloud.security.privateca.v1.Certificate] in the format
	// `projects/*/locations/*/caPools/*/certificates/*`.
	Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// The serial number of the [Certificate][google.cloud.security.privateca.v1.Certificate].
	HexSerialNumber string `protobuf:"bytes,2,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
	// The reason the [Certificate][google.cloud.security.privateca.v1.Certificate] was revoked.
	RevocationReason RevocationReason `` /* 167-byte string literal not displayed */
	// contains filtered or unexported fields
}

Describes a revoked [Certificate][google.cloud.security.privateca.v1.Certificate].

func (*CertificateRevocationList_RevokedCertificate) Descriptor deprecated

Deprecated: Use CertificateRevocationList_RevokedCertificate.ProtoReflect.Descriptor instead.

func (*CertificateRevocationList_RevokedCertificate) GetCertificate

func (*CertificateRevocationList_RevokedCertificate) GetHexSerialNumber

func (x *CertificateRevocationList_RevokedCertificate) GetHexSerialNumber() string

func (*CertificateRevocationList_RevokedCertificate) GetRevocationReason

func (*CertificateRevocationList_RevokedCertificate) ProtoMessage

func (*CertificateRevocationList_RevokedCertificate) ProtoReflect

func (*CertificateRevocationList_RevokedCertificate) Reset

func (*CertificateRevocationList_RevokedCertificate) String

type CertificateRevocationList_State

type CertificateRevocationList_State int32

The state of a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList], indicating if it is current.

const (
	// Not specified.
	CertificateRevocationList_STATE_UNSPECIFIED CertificateRevocationList_State = 0
	// The [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] is up to date.
	CertificateRevocationList_ACTIVE CertificateRevocationList_State = 1
	// The [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] is no longer current.
	CertificateRevocationList_SUPERSEDED CertificateRevocationList_State = 2
)

func (CertificateRevocationList_State) Descriptor

func (CertificateRevocationList_State) Enum

func (CertificateRevocationList_State) EnumDescriptor deprecated

func (CertificateRevocationList_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateRevocationList_State.Descriptor instead.

func (CertificateRevocationList_State) Number

func (CertificateRevocationList_State) String

func (CertificateRevocationList_State) Type

type CertificateTemplate

type CertificateTemplate struct {

	// Output only. The resource name for this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] in the format
	// `projects/*/locations/*/certificateTemplates/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. A set of X.509 values that will be applied to all issued certificates that
	// use this template. If the certificate request includes conflicting values
	// for the same properties, they will be overwritten by the values defined
	// here. If the issuing [CaPool][google.cloud.security.privateca.v1.CaPool]'s [IssuancePolicy][google.cloud.security.privateca.v1.CaPool.IssuancePolicy]
	// defines conflicting
	// [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values] for the same
	// properties, the certificate issuance request will fail.
	PredefinedValues *X509Parameters `protobuf:"bytes,2,opt,name=predefined_values,json=predefinedValues,proto3" json:"predefined_values,omitempty"`
	// Optional. Describes constraints on identities that may be appear in
	// [Certificates][google.cloud.security.privateca.v1.Certificate] issued using this template. If this is omitted,
	// then this template will not add restrictions on a certificate's identity.
	IdentityConstraints *CertificateIdentityConstraints `protobuf:"bytes,3,opt,name=identity_constraints,json=identityConstraints,proto3" json:"identity_constraints,omitempty"`
	// Optional. Describes the set of X.509 extensions that may appear in a
	// [Certificate][google.cloud.security.privateca.v1.Certificate] issued using this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]. If a certificate
	// request sets extensions that don't appear in the
	// [passthrough_extensions][google.cloud.security.privateca.v1.CertificateTemplate.passthrough_extensions], those extensions will be dropped. If the
	// issuing [CaPool][google.cloud.security.privateca.v1.CaPool]'s [IssuancePolicy][google.cloud.security.privateca.v1.CaPool.IssuancePolicy] defines
	// [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values] that don't appear
	// here, the certificate issuance request will fail. If this is omitted, then
	// this template will not add restrictions on a certificate's X.509
	// extensions. These constraints do not apply to X.509 extensions set in this
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]'s [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values].
	PassthroughExtensions *CertificateExtensionConstraints `protobuf:"bytes,4,opt,name=passthrough_extensions,json=passthroughExtensions,proto3" json:"passthrough_extensions,omitempty"`
	// Optional. A human-readable description of scenarios this template is intended for.
	Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty"`
	// Output only. The time at which this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// Output only. The time at which this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] was updated.
	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `` /* 153-byte string literal not displayed */
	// contains filtered or unexported fields
}

A [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] refers to a managed template for certificate issuance.

func (*CertificateTemplate) Descriptor deprecated

func (*CertificateTemplate) Descriptor() ([]byte, []int)

Deprecated: Use CertificateTemplate.ProtoReflect.Descriptor instead.

func (*CertificateTemplate) GetCreateTime

func (x *CertificateTemplate) GetCreateTime() *timestamppb.Timestamp

func (*CertificateTemplate) GetDescription

func (x *CertificateTemplate) GetDescription() string

func (*CertificateTemplate) GetIdentityConstraints

func (x *CertificateTemplate) GetIdentityConstraints() *CertificateIdentityConstraints

func (*CertificateTemplate) GetLabels

func (x *CertificateTemplate) GetLabels() map[string]string

func (*CertificateTemplate) GetName

func (x *CertificateTemplate) GetName() string

func (*CertificateTemplate) GetPassthroughExtensions

func (x *CertificateTemplate) GetPassthroughExtensions() *CertificateExtensionConstraints

func (*CertificateTemplate) GetPredefinedValues

func (x *CertificateTemplate) GetPredefinedValues() *X509Parameters

func (*CertificateTemplate) GetUpdateTime

func (x *CertificateTemplate) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateTemplate) ProtoMessage

func (*CertificateTemplate) ProtoMessage()

func (*CertificateTemplate) ProtoReflect

func (x *CertificateTemplate) ProtoReflect() protoreflect.Message

func (*CertificateTemplate) Reset

func (x *CertificateTemplate) Reset()

func (*CertificateTemplate) String

func (x *CertificateTemplate) String() string

type Certificate_Config

type Certificate_Config struct {
	// Immutable. A description of the certificate and key that does not require X.509 or
	// ASN.1.
	Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
}

type Certificate_PemCsr

type Certificate_PemCsr struct {
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr string `protobuf:"bytes,2,opt,name=pem_csr,json=pemCsr,proto3,oneof"`
}

type Certificate_RevocationDetails

type Certificate_RevocationDetails struct {

	// Indicates why a [Certificate][google.cloud.security.privateca.v1.Certificate] was revoked.
	RevocationState RevocationReason `` /* 164-byte string literal not displayed */
	// The time at which this [Certificate][google.cloud.security.privateca.v1.Certificate] was revoked.
	RevocationTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=revocation_time,json=revocationTime,proto3" json:"revocation_time,omitempty"`
	// contains filtered or unexported fields
}

Describes fields that are relavent to the revocation of a [Certificate][google.cloud.security.privateca.v1.Certificate].

func (*Certificate_RevocationDetails) Descriptor deprecated

func (*Certificate_RevocationDetails) Descriptor() ([]byte, []int)

Deprecated: Use Certificate_RevocationDetails.ProtoReflect.Descriptor instead.

func (*Certificate_RevocationDetails) GetRevocationState

func (x *Certificate_RevocationDetails) GetRevocationState() RevocationReason

func (*Certificate_RevocationDetails) GetRevocationTime

func (x *Certificate_RevocationDetails) GetRevocationTime() *timestamppb.Timestamp

func (*Certificate_RevocationDetails) ProtoMessage

func (*Certificate_RevocationDetails) ProtoMessage()

func (*Certificate_RevocationDetails) ProtoReflect

func (*Certificate_RevocationDetails) Reset

func (x *Certificate_RevocationDetails) Reset()

func (*Certificate_RevocationDetails) String

type CreateCaPoolRequest

type CreateCaPoolRequest struct {

	// Required. The resource name of the location associated with the
	// [CaPool][google.cloud.security.privateca.v1.CaPool], in the format `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	CaPoolId string `protobuf:"bytes,2,opt,name=ca_pool_id,json=caPoolId,proto3" json:"ca_pool_id,omitempty"`
	// Required. A [CaPool][google.cloud.security.privateca.v1.CaPool] with initial field values.
	CaPool *CaPool `protobuf:"bytes,3,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.CreateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCaPool].

func (*CreateCaPoolRequest) Descriptor deprecated

func (*CreateCaPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCaPoolRequest.ProtoReflect.Descriptor instead.

func (*CreateCaPoolRequest) GetCaPool

func (x *CreateCaPoolRequest) GetCaPool() *CaPool

func (*CreateCaPoolRequest) GetCaPoolId

func (x *CreateCaPoolRequest) GetCaPoolId() string

func (*CreateCaPoolRequest) GetParent

func (x *CreateCaPoolRequest) GetParent() string

func (*CreateCaPoolRequest) GetRequestId

func (x *CreateCaPoolRequest) GetRequestId() string

func (*CreateCaPoolRequest) ProtoMessage

func (*CreateCaPoolRequest) ProtoMessage()

func (*CreateCaPoolRequest) ProtoReflect

func (x *CreateCaPoolRequest) ProtoReflect() protoreflect.Message

func (*CreateCaPoolRequest) Reset

func (x *CreateCaPoolRequest) Reset()

func (*CreateCaPoolRequest) String

func (x *CreateCaPoolRequest) String() string

type CreateCertificateAuthorityRequest

type CreateCertificateAuthorityRequest struct {

	// Required. The resource name of the [CaPool][google.cloud.security.privateca.v1.CaPool] associated with the
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority], in the format
	// `projects/*/locations/*/caPools/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	CertificateAuthorityId string `` /* 129-byte string literal not displayed */
	// Required. A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] with initial field values.
	CertificateAuthority *CertificateAuthority `protobuf:"bytes,3,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.CreateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateAuthority].

func (*CreateCertificateAuthorityRequest) Descriptor deprecated

func (*CreateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*CreateCertificateAuthorityRequest) GetCertificateAuthority

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority

func (*CreateCertificateAuthorityRequest) GetCertificateAuthorityId

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthorityId() string

func (*CreateCertificateAuthorityRequest) GetParent

func (*CreateCertificateAuthorityRequest) GetRequestId

func (x *CreateCertificateAuthorityRequest) GetRequestId() string

func (*CreateCertificateAuthorityRequest) ProtoMessage

func (*CreateCertificateAuthorityRequest) ProtoMessage()

func (*CreateCertificateAuthorityRequest) ProtoReflect

func (*CreateCertificateAuthorityRequest) Reset

func (*CreateCertificateAuthorityRequest) String

type CreateCertificateRequest

type CreateCertificateRequest struct {

	// Required. The resource name of the [CaPool][google.cloud.security.privateca.v1.CaPool] associated with the [Certificate][google.cloud.security.privateca.v1.Certificate],
	// in the format `projects/*/locations/*/caPools/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the Enterprise [CertificateAuthority.Tier][],
	// but is optional and its value is ignored otherwise.
	CertificateId string `protobuf:"bytes,2,opt,name=certificate_id,json=certificateId,proto3" json:"certificate_id,omitempty"`
	// Required. A [Certificate][google.cloud.security.privateca.v1.Certificate] with initial field values.
	Certificate *Certificate `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and the
	// request times out. If you make the request again with the same request ID,
	// the server can check if original operation with the same request ID was
	// received, and if so, will ignore the second request. This prevents clients
	// from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// Optional. If this is true, no [Certificate][google.cloud.security.privateca.v1.Certificate] resource will be persisted regardless
	// of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s [tier][google.cloud.security.privateca.v1.CaPool.tier], and the returned [Certificate][google.cloud.security.privateca.v1.Certificate]
	// will not contain the [pem_certificate][google.cloud.security.privateca.v1.Certificate.pem_certificate] field.
	ValidateOnly bool `protobuf:"varint,5,opt,name=validate_only,json=validateOnly,proto3" json:"validate_only,omitempty"`
	// Optional. The resource ID of the [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that should issue the
	// certificate.  This optional field will ignore the load-balancing scheme of
	// the Pool and directly issue the certificate from the CA with the specified
	// ID, contained in the same [CaPool][google.cloud.security.privateca.v1.CaPool] referenced by `parent`. Per-CA quota
	// rules apply. If left empty, a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will be chosen from
	// the [CaPool][google.cloud.security.privateca.v1.CaPool] by the service. For example, to issue a [Certificate][google.cloud.security.privateca.v1.Certificate] from
	// a Certificate Authority with resource name
	// "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca",
	// you can set the [parent][google.cloud.security.privateca.v1.CreateCertificateRequest.parent] to
	// "projects/my-project/locations/us-central1/caPools/my-pool" and the
	// [issuing_certificate_authority_id][google.cloud.security.privateca.v1.CreateCertificateRequest.issuing_certificate_authority_id] to "my-ca".
	IssuingCertificateAuthorityId string `` /* 152-byte string literal not displayed */
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.CreateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificate].

func (*CreateCertificateRequest) Descriptor deprecated

func (*CreateCertificateRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCertificateRequest.ProtoReflect.Descriptor instead.

func (*CreateCertificateRequest) GetCertificate

func (x *CreateCertificateRequest) GetCertificate() *Certificate

func (*CreateCertificateRequest) GetCertificateId

func (x *CreateCertificateRequest) GetCertificateId() string

func (*CreateCertificateRequest) GetIssuingCertificateAuthorityId

func (x *CreateCertificateRequest) GetIssuingCertificateAuthorityId() string

func (*CreateCertificateRequest) GetParent

func (x *CreateCertificateRequest) GetParent() string

func (*CreateCertificateRequest) GetRequestId

func (x *CreateCertificateRequest) GetRequestId() string

func (*CreateCertificateRequest) GetValidateOnly

func (x *CreateCertificateRequest) GetValidateOnly() bool

func (*CreateCertificateRequest) ProtoMessage

func (*CreateCertificateRequest) ProtoMessage()

func (*CreateCertificateRequest) ProtoReflect

func (x *CreateCertificateRequest) ProtoReflect() protoreflect.Message

func (*CreateCertificateRequest) Reset

func (x *CreateCertificateRequest) Reset()

func (*CreateCertificateRequest) String

func (x *CreateCertificateRequest) String() string

type CreateCertificateTemplateRequest

type CreateCertificateTemplateRequest struct {

	// Required. The resource name of the location associated with the
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	CertificateTemplateId string `` /* 126-byte string literal not displayed */
	// Required. A [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] with initial field values.
	CertificateTemplate *CertificateTemplate `protobuf:"bytes,3,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.CreateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateTemplate].

func (*CreateCertificateTemplateRequest) Descriptor deprecated

func (*CreateCertificateTemplateRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCertificateTemplateRequest.ProtoReflect.Descriptor instead.

func (*CreateCertificateTemplateRequest) GetCertificateTemplate

func (x *CreateCertificateTemplateRequest) GetCertificateTemplate() *CertificateTemplate

func (*CreateCertificateTemplateRequest) GetCertificateTemplateId

func (x *CreateCertificateTemplateRequest) GetCertificateTemplateId() string

func (*CreateCertificateTemplateRequest) GetParent

func (*CreateCertificateTemplateRequest) GetRequestId

func (x *CreateCertificateTemplateRequest) GetRequestId() string

func (*CreateCertificateTemplateRequest) ProtoMessage

func (*CreateCertificateTemplateRequest) ProtoMessage()

func (*CreateCertificateTemplateRequest) ProtoReflect

func (*CreateCertificateTemplateRequest) Reset

func (*CreateCertificateTemplateRequest) String

type DeleteCaPoolRequest

type DeleteCaPoolRequest struct {

	// Required. The resource name for this [CaPool][google.cloud.security.privateca.v1.CaPool] in the
	// format `projects/*/locations/*/caPools/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.DeleteCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCaPool].

func (*DeleteCaPoolRequest) Descriptor deprecated

func (*DeleteCaPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use DeleteCaPoolRequest.ProtoReflect.Descriptor instead.

func (*DeleteCaPoolRequest) GetName

func (x *DeleteCaPoolRequest) GetName() string

func (*DeleteCaPoolRequest) GetRequestId

func (x *DeleteCaPoolRequest) GetRequestId() string

func (*DeleteCaPoolRequest) ProtoMessage

func (*DeleteCaPoolRequest) ProtoMessage()

func (*DeleteCaPoolRequest) ProtoReflect

func (x *DeleteCaPoolRequest) ProtoReflect() protoreflect.Message

func (*DeleteCaPoolRequest) Reset

func (x *DeleteCaPoolRequest) Reset()

func (*DeleteCaPoolRequest) String

func (x *DeleteCaPoolRequest) String() string

type DeleteCertificateAuthorityRequest

type DeleteCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the
	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// Optional. This field allows the CA to be deleted even if the CA has
	// active certs. Active certs include both unrevoked and unexpired certs.
	IgnoreActiveCertificates bool `` /* 136-byte string literal not displayed */
	// Optional. If this flag is set, the Certificate Authority will be deleted as soon as
	// possible without a 30-day grace period where undeletion would have been
	// allowed. If you proceed, there will be no way to recover this CA.
	SkipGracePeriod bool `protobuf:"varint,5,opt,name=skip_grace_period,json=skipGracePeriod,proto3" json:"skip_grace_period,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.DeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateAuthority].

func (*DeleteCertificateAuthorityRequest) Descriptor deprecated

func (*DeleteCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use DeleteCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*DeleteCertificateAuthorityRequest) GetIgnoreActiveCertificates

func (x *DeleteCertificateAuthorityRequest) GetIgnoreActiveCertificates() bool

func (*DeleteCertificateAuthorityRequest) GetName

func (*DeleteCertificateAuthorityRequest) GetRequestId

func (x *DeleteCertificateAuthorityRequest) GetRequestId() string

func (*DeleteCertificateAuthorityRequest) GetSkipGracePeriod

func (x *DeleteCertificateAuthorityRequest) GetSkipGracePeriod() bool

func (*DeleteCertificateAuthorityRequest) ProtoMessage

func (*DeleteCertificateAuthorityRequest) ProtoMessage()

func (*DeleteCertificateAuthorityRequest) ProtoReflect

func (*DeleteCertificateAuthorityRequest) Reset

func (*DeleteCertificateAuthorityRequest) String

type DeleteCertificateTemplateRequest

type DeleteCertificateTemplateRequest struct {

	// Required. The resource name for this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] in the format
	// `projects/*/locations/*/certificateTemplates/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.DeleteCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateTemplate].

func (*DeleteCertificateTemplateRequest) Descriptor deprecated

func (*DeleteCertificateTemplateRequest) Descriptor() ([]byte, []int)

Deprecated: Use DeleteCertificateTemplateRequest.ProtoReflect.Descriptor instead.

func (*DeleteCertificateTemplateRequest) GetName

func (*DeleteCertificateTemplateRequest) GetRequestId

func (x *DeleteCertificateTemplateRequest) GetRequestId() string

func (*DeleteCertificateTemplateRequest) ProtoMessage

func (*DeleteCertificateTemplateRequest) ProtoMessage()

func (*DeleteCertificateTemplateRequest) ProtoReflect

func (*DeleteCertificateTemplateRequest) Reset

func (*DeleteCertificateTemplateRequest) String

type DisableCertificateAuthorityRequest

type DisableCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the
	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.DisableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DisableCertificateAuthority].

func (*DisableCertificateAuthorityRequest) Descriptor deprecated

func (*DisableCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use DisableCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*DisableCertificateAuthorityRequest) GetName

func (*DisableCertificateAuthorityRequest) GetRequestId

func (x *DisableCertificateAuthorityRequest) GetRequestId() string

func (*DisableCertificateAuthorityRequest) ProtoMessage

func (*DisableCertificateAuthorityRequest) ProtoMessage()

func (*DisableCertificateAuthorityRequest) ProtoReflect

func (*DisableCertificateAuthorityRequest) Reset

func (*DisableCertificateAuthorityRequest) String

type EnableCertificateAuthorityRequest

type EnableCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the
	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.EnableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.EnableCertificateAuthority].

func (*EnableCertificateAuthorityRequest) Descriptor deprecated

func (*EnableCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use EnableCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*EnableCertificateAuthorityRequest) GetName

func (*EnableCertificateAuthorityRequest) GetRequestId

func (x *EnableCertificateAuthorityRequest) GetRequestId() string

func (*EnableCertificateAuthorityRequest) ProtoMessage

func (*EnableCertificateAuthorityRequest) ProtoMessage()

func (*EnableCertificateAuthorityRequest) ProtoReflect

func (*EnableCertificateAuthorityRequest) Reset

func (*EnableCertificateAuthorityRequest) String

type FetchCaCertsRequest

type FetchCaCertsRequest struct {

	// Required. The resource name for the [CaPool][google.cloud.security.privateca.v1.CaPool] in the
	// format `projects/*/locations/*/caPools/*`.
	CaPool string `protobuf:"bytes,1,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].

func (*FetchCaCertsRequest) Descriptor deprecated

func (*FetchCaCertsRequest) Descriptor() ([]byte, []int)

Deprecated: Use FetchCaCertsRequest.ProtoReflect.Descriptor instead.

func (*FetchCaCertsRequest) GetCaPool

func (x *FetchCaCertsRequest) GetCaPool() string

func (*FetchCaCertsRequest) GetRequestId

func (x *FetchCaCertsRequest) GetRequestId() string

func (*FetchCaCertsRequest) ProtoMessage

func (*FetchCaCertsRequest) ProtoMessage()

func (*FetchCaCertsRequest) ProtoReflect

func (x *FetchCaCertsRequest) ProtoReflect() protoreflect.Message

func (*FetchCaCertsRequest) Reset

func (x *FetchCaCertsRequest) Reset()

func (*FetchCaCertsRequest) String

func (x *FetchCaCertsRequest) String() string

type FetchCaCertsResponse

type FetchCaCertsResponse struct {

	// The PEM encoded CA certificate chains of all
	// [ACTIVE][CertificateAuthority.State.ACTIVE] [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resources in this [CaPool][google.cloud.security.privateca.v1.CaPool].
	CaCerts []*FetchCaCertsResponse_CertChain `protobuf:"bytes,1,rep,name=ca_certs,json=caCerts,proto3" json:"ca_certs,omitempty"`
	// contains filtered or unexported fields
}

Response message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].

func (*FetchCaCertsResponse) Descriptor deprecated

func (*FetchCaCertsResponse) Descriptor() ([]byte, []int)

Deprecated: Use FetchCaCertsResponse.ProtoReflect.Descriptor instead.

func (*FetchCaCertsResponse) GetCaCerts

func (*FetchCaCertsResponse) ProtoMessage

func (*FetchCaCertsResponse) ProtoMessage()

func (*FetchCaCertsResponse) ProtoReflect

func (x *FetchCaCertsResponse) ProtoReflect() protoreflect.Message

func (*FetchCaCertsResponse) Reset

func (x *FetchCaCertsResponse) Reset()

func (*FetchCaCertsResponse) String

func (x *FetchCaCertsResponse) String() string

type FetchCaCertsResponse_CertChain

type FetchCaCertsResponse_CertChain struct {

	// The certificates that form the CA chain, from leaf to root order.
	Certificates []string `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
	// contains filtered or unexported fields
}

func (*FetchCaCertsResponse_CertChain) Descriptor deprecated

func (*FetchCaCertsResponse_CertChain) Descriptor() ([]byte, []int)

Deprecated: Use FetchCaCertsResponse_CertChain.ProtoReflect.Descriptor instead.

func (*FetchCaCertsResponse_CertChain) GetCertificates

func (x *FetchCaCertsResponse_CertChain) GetCertificates() []string

func (*FetchCaCertsResponse_CertChain) ProtoMessage

func (*FetchCaCertsResponse_CertChain) ProtoMessage()

func (*FetchCaCertsResponse_CertChain) ProtoReflect

func (*FetchCaCertsResponse_CertChain) Reset

func (x *FetchCaCertsResponse_CertChain) Reset()

func (*FetchCaCertsResponse_CertChain) String

type FetchCertificateAuthorityCsrRequest

type FetchCertificateAuthorityCsrRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the
	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].

func (*FetchCertificateAuthorityCsrRequest) Descriptor deprecated

func (*FetchCertificateAuthorityCsrRequest) Descriptor() ([]byte, []int)

Deprecated: Use FetchCertificateAuthorityCsrRequest.ProtoReflect.Descriptor instead.

func (*FetchCertificateAuthorityCsrRequest) GetName

func (*FetchCertificateAuthorityCsrRequest) ProtoMessage

func (*FetchCertificateAuthorityCsrRequest) ProtoMessage()

func (*FetchCertificateAuthorityCsrRequest) ProtoReflect

func (*FetchCertificateAuthorityCsrRequest) Reset

func (*FetchCertificateAuthorityCsrRequest) String

type FetchCertificateAuthorityCsrResponse

type FetchCertificateAuthorityCsrResponse struct {

	// Output only. The PEM-encoded signed certificate signing request (CSR).
	PemCsr string `protobuf:"bytes,1,opt,name=pem_csr,json=pemCsr,proto3" json:"pem_csr,omitempty"`
	// contains filtered or unexported fields
}

Response message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].

func (*FetchCertificateAuthorityCsrResponse) Descriptor deprecated

func (*FetchCertificateAuthorityCsrResponse) Descriptor() ([]byte, []int)

Deprecated: Use FetchCertificateAuthorityCsrResponse.ProtoReflect.Descriptor instead.

func (*FetchCertificateAuthorityCsrResponse) GetPemCsr

func (*FetchCertificateAuthorityCsrResponse) ProtoMessage

func (*FetchCertificateAuthorityCsrResponse) ProtoMessage()

func (*FetchCertificateAuthorityCsrResponse) ProtoReflect

func (*FetchCertificateAuthorityCsrResponse) Reset

func (*FetchCertificateAuthorityCsrResponse) String

type GetCaPoolRequest

type GetCaPoolRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.CaPool.name] of the [CaPool][google.cloud.security.privateca.v1.CaPool] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.GetCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCaPool].

func (*GetCaPoolRequest) Descriptor deprecated

func (*GetCaPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCaPoolRequest.ProtoReflect.Descriptor instead.

func (*GetCaPoolRequest) GetName

func (x *GetCaPoolRequest) GetName() string

func (*GetCaPoolRequest) ProtoMessage

func (*GetCaPoolRequest) ProtoMessage()

func (*GetCaPoolRequest) ProtoReflect

func (x *GetCaPoolRequest) ProtoReflect() protoreflect.Message

func (*GetCaPoolRequest) Reset

func (x *GetCaPoolRequest) Reset()

func (*GetCaPoolRequest) String

func (x *GetCaPoolRequest) String() string

type GetCertificateAuthorityRequest

type GetCertificateAuthorityRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.CertificateAuthority.name] of the [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] to
	// get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.GetCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateAuthority].

func (*GetCertificateAuthorityRequest) Descriptor deprecated

func (*GetCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*GetCertificateAuthorityRequest) GetName

func (*GetCertificateAuthorityRequest) ProtoMessage

func (*GetCertificateAuthorityRequest) ProtoMessage()

func (*GetCertificateAuthorityRequest) ProtoReflect

func (*GetCertificateAuthorityRequest) Reset

func (x *GetCertificateAuthorityRequest) Reset()

func (*GetCertificateAuthorityRequest) String

type GetCertificateRequest

type GetCertificateRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.Certificate.name] of the [Certificate][google.cloud.security.privateca.v1.Certificate] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.GetCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificate].

func (*GetCertificateRequest) Descriptor deprecated

func (*GetCertificateRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCertificateRequest.ProtoReflect.Descriptor instead.

func (*GetCertificateRequest) GetName

func (x *GetCertificateRequest) GetName() string

func (*GetCertificateRequest) ProtoMessage

func (*GetCertificateRequest) ProtoMessage()

func (*GetCertificateRequest) ProtoReflect

func (x *GetCertificateRequest) ProtoReflect() protoreflect.Message

func (*GetCertificateRequest) Reset

func (x *GetCertificateRequest) Reset()

func (*GetCertificateRequest) String

func (x *GetCertificateRequest) String() string

type GetCertificateRevocationListRequest

type GetCertificateRevocationListRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.CertificateRevocationList.name] of the
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.GetCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateRevocationList].

func (*GetCertificateRevocationListRequest) Descriptor deprecated

func (*GetCertificateRevocationListRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCertificateRevocationListRequest.ProtoReflect.Descriptor instead.

func (*GetCertificateRevocationListRequest) GetName

func (*GetCertificateRevocationListRequest) ProtoMessage

func (*GetCertificateRevocationListRequest) ProtoMessage()

func (*GetCertificateRevocationListRequest) ProtoReflect

func (*GetCertificateRevocationListRequest) Reset

func (*GetCertificateRevocationListRequest) String

type GetCertificateTemplateRequest

type GetCertificateTemplateRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.CertificateTemplate.name] of the [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] to
	// get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.GetCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateTemplate].

func (*GetCertificateTemplateRequest) Descriptor deprecated

func (*GetCertificateTemplateRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCertificateTemplateRequest.ProtoReflect.Descriptor instead.

func (*GetCertificateTemplateRequest) GetName

func (*GetCertificateTemplateRequest) ProtoMessage

func (*GetCertificateTemplateRequest) ProtoMessage()

func (*GetCertificateTemplateRequest) ProtoReflect

func (*GetCertificateTemplateRequest) Reset

func (x *GetCertificateTemplateRequest) Reset()

func (*GetCertificateTemplateRequest) String

type KeyUsage

type KeyUsage struct {

	// Describes high-level ways in which a key may be used.
	BaseKeyUsage *KeyUsage_KeyUsageOptions `protobuf:"bytes,1,opt,name=base_key_usage,json=baseKeyUsage,proto3" json:"base_key_usage,omitempty"`
	// Detailed scenarios in which a key may be used.
	ExtendedKeyUsage *KeyUsage_ExtendedKeyUsageOptions `protobuf:"bytes,2,opt,name=extended_key_usage,json=extendedKeyUsage,proto3" json:"extended_key_usage,omitempty"`
	// Used to describe extended key usages that are not listed in the
	// [KeyUsage.ExtendedKeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions] message.
	UnknownExtendedKeyUsages []*ObjectId `` /* 137-byte string literal not displayed */
	// contains filtered or unexported fields
}

A [KeyUsage][google.cloud.security.privateca.v1.KeyUsage] describes key usage values that may appear in an X.509 certificate.

func (*KeyUsage) Descriptor deprecated

func (*KeyUsage) Descriptor() ([]byte, []int)

Deprecated: Use KeyUsage.ProtoReflect.Descriptor instead.

func (*KeyUsage) GetBaseKeyUsage

func (x *KeyUsage) GetBaseKeyUsage() *KeyUsage_KeyUsageOptions

func (*KeyUsage) GetExtendedKeyUsage

func (x *KeyUsage) GetExtendedKeyUsage() *KeyUsage_ExtendedKeyUsageOptions

func (*KeyUsage) GetUnknownExtendedKeyUsages

func (x *KeyUsage) GetUnknownExtendedKeyUsages() []*ObjectId

func (*KeyUsage) ProtoMessage

func (*KeyUsage) ProtoMessage()

func (*KeyUsage) ProtoReflect

func (x *KeyUsage) ProtoReflect() protoreflect.Message

func (*KeyUsage) Reset

func (x *KeyUsage) Reset()

func (*KeyUsage) String

func (x *KeyUsage) String() string

type KeyUsage_ExtendedKeyUsageOptions

type KeyUsage_ExtendedKeyUsageOptions struct {

	// Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW
	// server authentication", though regularly used for non-WWW TLS.
	ServerAuth bool `protobuf:"varint,1,opt,name=server_auth,json=serverAuth,proto3" json:"server_auth,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW
	// client authentication", though regularly used for non-WWW TLS.
	ClientAuth bool `protobuf:"varint,2,opt,name=client_auth,json=clientAuth,proto3" json:"client_auth,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of
	// downloadable executable code client authentication".
	CodeSigning bool `protobuf:"varint,3,opt,name=code_signing,json=codeSigning,proto3" json:"code_signing,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email
	// protection".
	EmailProtection bool `protobuf:"varint,4,opt,name=email_protection,json=emailProtection,proto3" json:"email_protection,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding
	// the hash of an object to a time".
	TimeStamping bool `protobuf:"varint,5,opt,name=time_stamping,json=timeStamping,proto3" json:"time_stamping,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing
	// OCSP responses".
	OcspSigning bool `protobuf:"varint,6,opt,name=ocsp_signing,json=ocspSigning,proto3" json:"ocsp_signing,omitempty"`
	// contains filtered or unexported fields
}

[KeyUsage.ExtendedKeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions] has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

func (*KeyUsage_ExtendedKeyUsageOptions) Descriptor deprecated

func (*KeyUsage_ExtendedKeyUsageOptions) Descriptor() ([]byte, []int)

Deprecated: Use KeyUsage_ExtendedKeyUsageOptions.ProtoReflect.Descriptor instead.

func (*KeyUsage_ExtendedKeyUsageOptions) GetClientAuth

func (x *KeyUsage_ExtendedKeyUsageOptions) GetClientAuth() bool

func (*KeyUsage_ExtendedKeyUsageOptions) GetCodeSigning

func (x *KeyUsage_ExtendedKeyUsageOptions) GetCodeSigning() bool

func (*KeyUsage_ExtendedKeyUsageOptions) GetEmailProtection

func (x *KeyUsage_ExtendedKeyUsageOptions) GetEmailProtection() bool

func (*KeyUsage_ExtendedKeyUsageOptions) GetOcspSigning

func (x *KeyUsage_ExtendedKeyUsageOptions) GetOcspSigning() bool

func (*KeyUsage_ExtendedKeyUsageOptions) GetServerAuth

func (x *KeyUsage_ExtendedKeyUsageOptions) GetServerAuth() bool

func (*KeyUsage_ExtendedKeyUsageOptions) GetTimeStamping

func (x *KeyUsage_ExtendedKeyUsageOptions) GetTimeStamping() bool

func (*KeyUsage_ExtendedKeyUsageOptions) ProtoMessage

func (*KeyUsage_ExtendedKeyUsageOptions) ProtoMessage()

func (*KeyUsage_ExtendedKeyUsageOptions) ProtoReflect

func (*KeyUsage_ExtendedKeyUsageOptions) Reset

func (*KeyUsage_ExtendedKeyUsageOptions) String

type KeyUsage_KeyUsageOptions

type KeyUsage_KeyUsageOptions struct {

	// The key may be used for digital signatures.
	DigitalSignature bool `protobuf:"varint,1,opt,name=digital_signature,json=digitalSignature,proto3" json:"digital_signature,omitempty"`
	// The key may be used for cryptographic commitments. Note that this may
	// also be referred to as "non-repudiation".
	ContentCommitment bool `protobuf:"varint,2,opt,name=content_commitment,json=contentCommitment,proto3" json:"content_commitment,omitempty"`
	// The key may be used to encipher other keys.
	KeyEncipherment bool `protobuf:"varint,3,opt,name=key_encipherment,json=keyEncipherment,proto3" json:"key_encipherment,omitempty"`
	// The key may be used to encipher data.
	DataEncipherment bool `protobuf:"varint,4,opt,name=data_encipherment,json=dataEncipherment,proto3" json:"data_encipherment,omitempty"`
	// The key may be used in a key agreement protocol.
	KeyAgreement bool `protobuf:"varint,5,opt,name=key_agreement,json=keyAgreement,proto3" json:"key_agreement,omitempty"`
	// The key may be used to sign certificates.
	CertSign bool `protobuf:"varint,6,opt,name=cert_sign,json=certSign,proto3" json:"cert_sign,omitempty"`
	// The key may be used sign certificate revocation lists.
	CrlSign bool `protobuf:"varint,7,opt,name=crl_sign,json=crlSign,proto3" json:"crl_sign,omitempty"`
	// The key may be used to encipher only.
	EncipherOnly bool `protobuf:"varint,8,opt,name=encipher_only,json=encipherOnly,proto3" json:"encipher_only,omitempty"`
	// The key may be used to decipher only.
	DecipherOnly bool `protobuf:"varint,9,opt,name=decipher_only,json=decipherOnly,proto3" json:"decipher_only,omitempty"`
	// contains filtered or unexported fields
}

[KeyUsage.KeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions] corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

func (*KeyUsage_KeyUsageOptions) Descriptor deprecated

func (*KeyUsage_KeyUsageOptions) Descriptor() ([]byte, []int)

Deprecated: Use KeyUsage_KeyUsageOptions.ProtoReflect.Descriptor instead.

func (*KeyUsage_KeyUsageOptions) GetCertSign

func (x *KeyUsage_KeyUsageOptions) GetCertSign() bool

func (*KeyUsage_KeyUsageOptions) GetContentCommitment

func (x *KeyUsage_KeyUsageOptions) GetContentCommitment() bool

func (*KeyUsage_KeyUsageOptions) GetCrlSign

func (x *KeyUsage_KeyUsageOptions) GetCrlSign() bool

func (*KeyUsage_KeyUsageOptions) GetDataEncipherment

func (x *KeyUsage_KeyUsageOptions) GetDataEncipherment() bool

func (*KeyUsage_KeyUsageOptions) GetDecipherOnly

func (x *KeyUsage_KeyUsageOptions) GetDecipherOnly() bool

func (*KeyUsage_KeyUsageOptions) GetDigitalSignature

func (x *KeyUsage_KeyUsageOptions) GetDigitalSignature() bool

func (*KeyUsage_KeyUsageOptions) GetEncipherOnly

func (x *KeyUsage_KeyUsageOptions) GetEncipherOnly() bool

func (*KeyUsage_KeyUsageOptions) GetKeyAgreement

func (x *KeyUsage_KeyUsageOptions) GetKeyAgreement() bool

func (*KeyUsage_KeyUsageOptions) GetKeyEncipherment

func (x *KeyUsage_KeyUsageOptions) GetKeyEncipherment() bool

func (*KeyUsage_KeyUsageOptions) ProtoMessage

func (*KeyUsage_KeyUsageOptions) ProtoMessage()

func (*KeyUsage_KeyUsageOptions) ProtoReflect

func (x *KeyUsage_KeyUsageOptions) ProtoReflect() protoreflect.Message

func (*KeyUsage_KeyUsageOptions) Reset

func (x *KeyUsage_KeyUsageOptions) Reset()

func (*KeyUsage_KeyUsageOptions) String

func (x *KeyUsage_KeyUsageOptions) String() string

type ListCaPoolsRequest

type ListCaPoolsRequest struct {

	// Required. The resource name of the location associated with the
	// [CaPools][google.cloud.security.privateca.v1.CaPool], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of [CaPools][google.cloud.security.privateca.v1.CaPool] to
	// include in the response.
	// Further [CaPools][google.cloud.security.privateca.v1.CaPool] can subsequently be
	// obtained by including the
	// [ListCaPoolsResponse.next_page_token][google.cloud.security.privateca.v1.ListCaPoolsResponse.next_page_token] in a subsequent
	// request. If unspecified, the server will pick an appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCaPoolsResponse.next_page_token][google.cloud.security.privateca.v1.ListCaPoolsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].

func (*ListCaPoolsRequest) Descriptor deprecated

func (*ListCaPoolsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListCaPoolsRequest.ProtoReflect.Descriptor instead.

func (*ListCaPoolsRequest) GetFilter

func (x *ListCaPoolsRequest) GetFilter() string

func (*ListCaPoolsRequest) GetOrderBy

func (x *ListCaPoolsRequest) GetOrderBy() string

func (*ListCaPoolsRequest) GetPageSize

func (x *ListCaPoolsRequest) GetPageSize() int32

func (*ListCaPoolsRequest) GetPageToken

func (x *ListCaPoolsRequest) GetPageToken() string

func (*ListCaPoolsRequest) GetParent

func (x *ListCaPoolsRequest) GetParent() string

func (*ListCaPoolsRequest) ProtoMessage

func (*ListCaPoolsRequest) ProtoMessage()

func (*ListCaPoolsRequest) ProtoReflect

func (x *ListCaPoolsRequest) ProtoReflect() protoreflect.Message

func (*ListCaPoolsRequest) Reset

func (x *ListCaPoolsRequest) Reset()

func (*ListCaPoolsRequest) String

func (x *ListCaPoolsRequest) String() string

type ListCaPoolsResponse

type ListCaPoolsResponse struct {

	// The list of [CaPools][google.cloud.security.privateca.v1.CaPool].
	CaPools []*CaPool `protobuf:"bytes,1,rep,name=ca_pools,json=caPools,proto3" json:"ca_pools,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListCertificateAuthoritiesRequest.next_page_token][] to retrieve the next
	// page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// A list of locations (e.g. "us-west1") that could not be reached.
	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
	// contains filtered or unexported fields
}

Response message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].

func (*ListCaPoolsResponse) Descriptor deprecated

func (*ListCaPoolsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListCaPoolsResponse.ProtoReflect.Descriptor instead.

func (*ListCaPoolsResponse) GetCaPools

func (x *ListCaPoolsResponse) GetCaPools() []*CaPool

func (*ListCaPoolsResponse) GetNextPageToken

func (x *ListCaPoolsResponse) GetNextPageToken() string

func (*ListCaPoolsResponse) GetUnreachable

func (x *ListCaPoolsResponse) GetUnreachable() []string

func (*ListCaPoolsResponse) ProtoMessage

func (*ListCaPoolsResponse) ProtoMessage()

func (*ListCaPoolsResponse) ProtoReflect

func (x *ListCaPoolsResponse) ProtoReflect() protoreflect.Message

func (*ListCaPoolsResponse) Reset

func (x *ListCaPoolsResponse) Reset()

func (*ListCaPoolsResponse) String

func (x *ListCaPoolsResponse) String() string

type ListCertificateAuthoritiesRequest

type ListCertificateAuthoritiesRequest struct {

	// Required. The resource name of the [CaPool][google.cloud.security.privateca.v1.CaPool] associated with the
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority], in the format
	// `projects/*/locations/*/caPools/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority] to
	// include in the response.
	// Further [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority] can subsequently be
	// obtained by including the
	// [ListCertificateAuthoritiesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse.next_page_token] in a subsequent
	// request. If unspecified, the server will pick an appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCertificateAuthoritiesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].

func (*ListCertificateAuthoritiesRequest) Descriptor deprecated

func (*ListCertificateAuthoritiesRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListCertificateAuthoritiesRequest.ProtoReflect.Descriptor instead.

func (*ListCertificateAuthoritiesRequest) GetFilter

func (*ListCertificateAuthoritiesRequest) GetOrderBy

func (x *ListCertificateAuthoritiesRequest) GetOrderBy() string

func (*ListCertificateAuthoritiesRequest) GetPageSize

func (x *ListCertificateAuthoritiesRequest) GetPageSize() int32

func (*ListCertificateAuthoritiesRequest) GetPageToken

func (x *ListCertificateAuthoritiesRequest) GetPageToken() string

func (*ListCertificateAuthoritiesRequest) GetParent

func (*ListCertificateAuthoritiesRequest) ProtoMessage

func (*ListCertificateAuthoritiesRequest) ProtoMessage()

func (*ListCertificateAuthoritiesRequest) ProtoReflect

func (*ListCertificateAuthoritiesRequest) Reset

func (*ListCertificateAuthoritiesRequest) String

type ListCertificateAuthoritiesResponse

type ListCertificateAuthoritiesResponse struct {

	// The list of [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
	CertificateAuthorities []*CertificateAuthority `` /* 127-byte string literal not displayed */
	// A token to retrieve next page of results. Pass this value in
	// [ListCertificateAuthoritiesRequest.next_page_token][] to retrieve the next
	// page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// A list of locations (e.g. "us-west1") that could not be reached.
	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
	// contains filtered or unexported fields
}

Response message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].

func (*ListCertificateAuthoritiesResponse) Descriptor deprecated

func (*ListCertificateAuthoritiesResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListCertificateAuthoritiesResponse.ProtoReflect.Descriptor instead.

func (*ListCertificateAuthoritiesResponse) GetCertificateAuthorities

func (x *ListCertificateAuthoritiesResponse) GetCertificateAuthorities() []*CertificateAuthority

func (*ListCertificateAuthoritiesResponse) GetNextPageToken

func (x *ListCertificateAuthoritiesResponse) GetNextPageToken() string

func (*ListCertificateAuthoritiesResponse) GetUnreachable

func (x *ListCertificateAuthoritiesResponse) GetUnreachable() []string

func (*ListCertificateAuthoritiesResponse) ProtoMessage

func (*ListCertificateAuthoritiesResponse) ProtoMessage()

func (*ListCertificateAuthoritiesResponse) ProtoReflect

func (*ListCertificateAuthoritiesResponse) Reset

func (*ListCertificateAuthoritiesResponse) String

type ListCertificateRevocationListsRequest

type ListCertificateRevocationListsRequest struct {

	// Required. The resource name of the location associated with the
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList], in the format
	// `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList] to include in the
	// response. Further [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList]
	// can subsequently be obtained by including the
	// [ListCertificateRevocationListsResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse.next_page_token] in a subsequent
	// request. If unspecified, the server will pick an appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCertificateRevocationListsResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].

func (*ListCertificateRevocationListsRequest) Descriptor deprecated

func (*ListCertificateRevocationListsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListCertificateRevocationListsRequest.ProtoReflect.Descriptor instead.

func (*ListCertificateRevocationListsRequest) GetFilter

func (*ListCertificateRevocationListsRequest) GetOrderBy

func (*ListCertificateRevocationListsRequest) GetPageSize

func (*ListCertificateRevocationListsRequest) GetPageToken

func (*ListCertificateRevocationListsRequest) GetParent

func (*ListCertificateRevocationListsRequest) ProtoMessage

func (*ListCertificateRevocationListsRequest) ProtoMessage()

func (*ListCertificateRevocationListsRequest) ProtoReflect

func (*ListCertificateRevocationListsRequest) Reset

func (*ListCertificateRevocationListsRequest) String

type ListCertificateRevocationListsResponse

type ListCertificateRevocationListsResponse struct {

	// The list of [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
	CertificateRevocationLists []*CertificateRevocationList `` /* 141-byte string literal not displayed */
	// A token to retrieve next page of results. Pass this value in
	// [ListCertificateRevocationListsRequest.next_page_token][] to retrieve the
	// next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// A list of locations (e.g. "us-west1") that could not be reached.
	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
	// contains filtered or unexported fields
}

Response message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].

func (*ListCertificateRevocationListsResponse) Descriptor deprecated

func (*ListCertificateRevocationListsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListCertificateRevocationListsResponse.ProtoReflect.Descriptor instead.

func (*ListCertificateRevocationListsResponse) GetCertificateRevocationLists

func (x *ListCertificateRevocationListsResponse) GetCertificateRevocationLists() []*CertificateRevocationList

func (*ListCertificateRevocationListsResponse) GetNextPageToken

func (x *ListCertificateRevocationListsResponse) GetNextPageToken() string

func (*ListCertificateRevocationListsResponse) GetUnreachable

func (x *ListCertificateRevocationListsResponse) GetUnreachable() []string

func (*ListCertificateRevocationListsResponse) ProtoMessage

func (*ListCertificateRevocationListsResponse) ProtoReflect

func (*ListCertificateRevocationListsResponse) Reset